Authentication
Goal: authenticate against XAgent so settlement calls carry a scoped JWT. Keys never reach the agent — xpense holds only the token.
Steps
- Login —
await xpense.login(authMode?). Modes:"loopback"(browser + local redirect),"device"(device code),"paste"(browser, paste code back — the default). CLI equivalent:xpense login. - Store — credentials are written to
~/.config/xagent/credentials.jsonat mode0600(%APPDATA%\xagenton Windows). - Use —
xpense.gateway()callsensureAccessToken(), which refreshes the access token if expired, then builds the settlement client. - Inspect / clear —
xpense.whoami()returns saved credentials;xpense.logout()clears them.
ts
await xpense.login("loopback");
const me = await xpense.whoami(); // SavedCredentials | null
const gw = await xpense.gateway(); // token auto-refreshed
await xpense.logout();Reference: runLogin · Credentials & Tokens.