The @authdog/vue SDK adds authentication to Vue 3 and Nuxt apps: a provider component, a set of composables for the browser, and a server client for SSR. It reads the session Authdog issues and exposes the current user and their permissions.
Install
npm install @authdog/vueRequires Vue ^3.5. The package ships three entry points: @authdog/vue (composables), @authdog/vue/client (provider), and @authdog/vue/server (SSR).
Wrap your app
Every composable reads from AuthdogProvider, so mount it at the root:
<script setup lang="ts">
import { AuthdogProvider } from "@authdog/vue/client"
</script>
<template>
<AuthdogProvider>
<YourApp />
</AuthdogProvider>
</template>On load the provider reads the ?token= appended by the sign-in redirect, validates it, persists the session, and strips it from the URL.
Composables
useUser()—{ user, isLoading, error, isAuthenticated, fetchUser(publicKey) }useSession()—{ session, isLoading }wheresessionis{ token, isAuthenticated }useSignIn()—{ signIn(publicKey, redirectUrl?), isLoading, error }useSignUp(),useSignOut()—{ signOut, isLoading, error }useOrganization(),useOrganizationList()— the caller's tenantsuseAuthz()—{ permissions, hasPermission, hasAnyPermission, hasAllPermissions, ... }
useUser().fetchUser(publicKey) and useSignIn().signIn(publicKey, ...) take your environment's public key (pk_...) explicitly:
<script setup lang="ts">
import { onMounted } from "vue"
import { useUser } from "@authdog/vue"
const { user, isLoading, fetchUser } = useUser()
onMounted(() => fetchUser(import.meta.env.VITE_AUTHDOG_PUBLIC_KEY))
</script>Server-side sessions
For SSR and API routes, createAuthdogServer reads and verifies the session on the server — this is the real enforcement point:
import { createAuthdogServer } from "@authdog/vue/server"
const authdog = createAuthdogServer({
publicKey: process.env.AUTHDOG_PUBLIC_KEY!,
secretKey: process.env.AUTHDOG_SECRET_KEY!,
})
// authdog.getSession(request), authdog.logout(request)Composables and the provider are UX conveniences; treat the server session check as the security boundary, and pair it with your authorization model.
Next steps
- Sign up & sign in — the flows the provider drives.
- Backend requests — validate sessions on your API.
- Roles & permissions — the data behind
useAuthz.