Getting Started

Installation

@alviere/core is published to the public npm registry:

npm install @alviere/core

CDN

Prebuilt dist files are also served from the Alviere CDN. Use versioned URLs for integrity-pinned deployments, or latest for always-current:

https://js.prd.alvierecdn.com/core/{version}/
https://js.prd.alvierecdn.com/core/latest/

Dev/staging builds are available at js.dev.alvierecdn.com with the same path structure.

Basic usage

import { AlviereCore } from '@alviere/core';

const core = new AlviereCore({
  jwt: 'your-sierra-api-v3-jwt',
  publicCertificate: 'your-rsa-public-key-pem',
  publicCertificateId: 'your-certificate-id',
  debug: true,
});

Making your first call

The following example creates an accounts service and fetches an account:

import { AlviereCore } from '@alviere/core';

const core = new AlviereCore({ jwt: 'your-jwt' });

// Downgrade the business JWT to a consumer-scoped token
const scopedJwt = await core.generateScopedToken('account-uuid-here');

// Re-configure with the scoped token
core.configure({ jwt: scopedJwt });

// Create a service and call it
const accounts = core.createAccountsService();
const account = await accounts.getAccount('account-uuid-here');
console.log(account);

Scoped tokens

Most service operations require a consumer-scoped JWT — a token whose sub claim is the target account UUID. Your backend provides a business-level JWT on login; call generateScopedToken to downgrade it to the consumer scope before making account-level API calls.

generateScopedToken optionally refreshes the AlviereCore instance's token automatically (autoUpdate defaults to true):

// Automatically updates core's internal JWT as well
const scopedJwt = await core.generateScopedToken('consumer-account-uuid');

// Or retrieve without updating
const scopedJwt = await core.generateScopedToken('consumer-account-uuid', false);
core.configure({ jwt: scopedJwt });

With encryption

For endpoints that require encrypted payloads (card data, sensitive PII), provide the RSA public certificate at initialization time:

const core = new AlviereCore({
  jwt: 'your-jwt',
  publicCertificate: 'your-rsa-public-key-pem',
  publicCertificateId: 'your-certificate-id',
});

const payments = core.createPaymentsService();
await payments.processAddCardWithValidation('account-uuid', {
  card_number: '4111111111111111',
  name_on_card: 'Jane Doe',
  expiry_date: '12/28',
  security_code: '123',
  zip_code: '10001',
});

Calls that require a certificate will throw if publicCertificate / publicCertificateId are not set.

Next steps

Configuration reference Link to a page in the guide AlviereCore API Link to a page in the guide Service layer Link to a page in the guide