feat: expose getSignInUrl and getSignUpUrl from authkit-js via useClient

[K-Mistele]

Context

The following information is provided for context about the problem I am trying to solve, and does not represent shortcomings in the authkit-react SDK:

I am building a native application using Tauri, which unlike electron does not ship chromium to the user - it uses the system's webview API.

When I call signIn(), the user is navigated to the WorkOS sign-in page in the Tauri webview, and redirects to the bundled react app on completion

Navigating the user to the WorkOS authkit UI in the webview causes several problems:

1. there is no native "back" button
2. Passkeys do not seem to be usable through the webview in many cases
3. the webview API uses the default browser for the system - e.g. it always uses safari on chrome, and always uses edge on Windows. If the user has passwords saved in-browser, or uses a password manager, they will not be available in the webview UI, which can make sign-in difficult for users who follow security best-practices

Problem

We want to solve this issue by redirecting the user from the system's default browser to the user's default browser using tauri's plugin-opener. However we do not have a way to get the sign-in / sign-up URL via authkit-react- we can only call signIn() or signUp() which handle the redirect internally to the SDK by setting window.location.href.

We want to get the URL, and then redirect the user to it in their default browser, and have the callback URL be a custom URL scheme for our app that the app can use to finish the auth flow.

This functionality is available in authkit-js via getSignInUrl and getSignUpUrl - but for some reason these two methods are not exposed through the useAuth() hook.

Solution

• expose getSignInUrl and getSignUpUrl through the useAuth hook so that we can get the URL and handle the redirect ourselves.

[K-Mistele]

Temporary sub-optimal solution: we have vendored out the authkit-react SDK into our codebase and added the changes ourselves, but this would be a nice fix to have so that we can use the officially supported SDK, continue to receive upstream updates, and make this easier for others who have similar issues

[greptile-apps]

Greptile Overview

Greptile Summary

This PR exposes two new methods from the underlying @workos-inc/authkit-js library through the React SDK: getSignInUrl and getSignUpUrl. These methods allow developers to retrieve authentication URLs without automatically redirecting users, enabling custom navigation flows. The change is motivated by the need to support Tauri applications, where the standard signIn() and signUp() methods that automatically handle redirects within webviews create poor user experience due to missing native browser features like password managers and passkeys.

The implementation involves two key changes: updating the Client type definition to include the new methods, and binding these methods in the provider to expose them through the useAuth() hook. This allows developers to get the authentication URLs and handle the navigation themselves, such as opening URLs in the system's default browser instead of the current webview.

Important Files Changed

Filename	Score	Overview
src/types.ts	5/5	Added getSignInUrl and getSignUpUrl to the Client type definition
src/provider.tsx	4/5	Bound the new methods from authkit-js client but NOOP_CLIENT fallback needs updating

Confidence score: 4/5

• This PR is safe to merge with low risk, addressing a legitimate use case for native applications
• Score lowered by one point due to incomplete NOOP_CLIENT implementation which could cause runtime issues during provider initialization
• Pay close attention to src/provider.tsx to ensure the NOOP_CLIENT includes the new methods before merging

Sequence Diagram

sequenceDiagram
    participant User
    participant TauriApp as "Tauri App"
    participant AuthKitProvider as "AuthKit Provider"
    participant AuthKitJS as "@workos-inc/authkit-js"
    participant SystemBrowser as "System Browser"
    participant WorkOSAuth as "WorkOS Auth"

    User->>TauriApp: "Initiate Sign In"
    TauriApp->>AuthKitProvider: "useAuth().getSignInUrl()"
    AuthKitProvider->>AuthKitJS: "client.getSignInUrl()"
    AuthKitJS-->>AuthKitProvider: "Sign-in URL"
    AuthKitProvider-->>TauriApp: "Sign-in URL"
    TauriApp->>SystemBrowser: "Open URL in default browser"
    SystemBrowser->>WorkOSAuth: "Navigate to WorkOS auth"
    User->>WorkOSAuth: "Complete authentication"
    WorkOSAuth->>TauriApp: "Redirect to custom URL scheme"
    TauriApp->>AuthKitProvider: "Handle redirect callback"
    AuthKitProvider->>AuthKitJS: "Process authentication result"
    AuthKitJS-->>AuthKitProvider: "User session established"
    AuthKitProvider-->>TauriApp: "Authentication complete"

Loading

[greptile-apps]

Additional Comments (1)

1. src/provider.tsx, line 134-141 (link)

   logic: NOOP_CLIENT is missing the newly added getSignInUrl and getSignUpUrl methods. This could cause TypeScript errors or runtime issues during provider initialization.

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[cmatheson]

Thanks @K-Mistele, agree we should expose these in authkit-react too.