Member Authentication
The allegro.member namespace provides methods to authenticate members,
retrieve user info, and check entitlements.
allegro.member.isAuthenticated()
Synchronously returns whether the stored JWT represents an authenticated user.
if (allegro.member.isAuthenticated()) {
// show authenticated UI
}
allegro.member.isIdentified()
Synchronously returns whether the session has a stored JWT. A session is identified once the user has provided their email (e.g. via a magic link request), but may not yet be fully authenticated.
if (allegro.member.isIdentified()) {
// user is known but may not be authenticated
}
allegro.member.sessionFromJwt()
Synchronously returns the parsed JWT payload from the stored token, or null if
no token is stored. Does not make a network request.
const payload = allegro.member.sessionFromJwt();
if (payload) {
console.log(payload.sub); // Audience Member ID
console.log(payload.authenticated); // boolean
console.log(payload.session.id);
console.log(payload.audience_member);
}
Response shape:
{
iss: string;
aud: string;
iat: number;
exp: number;
sub: string; // Audience Member ID
authenticated: boolean;
session: {
id: string;
authenticated_at: string | null;
};
audience_member: AudienceMember;
[key: string]: unknown;
} | null
allegro.member.session()
Fetches the current session from the API. Use this when you need a fresh, server-verified session rather than decoding the stored JWT locally.
const { data } = await allegro.member.session();
console.log(data.id);
console.log(data.is_authenticated);
console.log(data.authenticated_at);
console.log(data.audience_member);
Response shape:
{
data: {
id: string;
is_authenticated: boolean;
authenticated_at: string | null;
created_at: string;
updated_at: string;
audience_member: AudienceMember;
}
}
allegro.member.user()
Get the currently logged-in user. Returns a promise that resolves with the user
object, or null if no one is logged in. This does not make a network request —
it decodes the stored JWT locally.
const user = await allegro.member.user();
if (user) {
console.log(user.id);
console.log(user.email);
console.log(user.name);
console.log(user.email_verified);
} else {
console.log('No user logged in');
}
Response shape:
{
id: string;
email: string;
name?: string;
email_verified: boolean;
} | null
allegro.member.identifyByEmail(email)
Identifies a user by email address and stores the resulting session JWT. Useful for associating tracking events with a known email before full authentication.
const { jwt } = await allegro.member.identifyByEmail('user@example.com');
allegro.member.entitlements()
Get the current user's entitlements. Returns a promise that resolves with an array.
const entitlements = await allegro.member.entitlements();
for (const entitlement of entitlements) {
console.log(entitlement.id, entitlement.name);
}
Response shape:
{ id: string; name: string; [key: string]: unknown }[]
allegro.member.logout()
Clears the stored JWT and stops any active authentication polling.
await allegro.member.logout();
Related
- Magic Links guide — passwordless authentication via email
- Social Login guide — OAuth with Google and Apple
- allegro-login-form component — drop-in UI for the full auth flow