XRift SDK Guide
A guide for using @xrift/sdk to programmatically interact with the XRift platform API.
References
- API Reference - Full specification of XriftClient, WorldsApi, ItemsApi, error classes, and utility functions
- Code Templates - Ready-to-use code examples for Node.js and browser environments
- Type Definitions - Complete TypeScript type definitions for all SDK interfaces
Critical Rules
- API token is always required —
XriftClientmust be initialized with a validtoken. Never hardcode tokens; use environment variables or secure configuration. - File data must be
FileDatatype — The SDK acceptsArrayBuffer | Uint8Array, not file paths or strings. The caller is responsible for reading files into binary data before passing to the SDK. remotePathmust be a relative path — Never use absolute paths or paths starting with/. Use paths likescene.glborassets/texture.png.- Always handle errors — Wrap API calls in try/catch and handle
XriftAuthError,XriftApiError, andXriftNetworkErrorseparately.
Project Overview
What is @xrift/sdk?
@xrift/sdk is a universal TypeScript SDK for the XRift platform. It provides programmatic access to world and item APIs with integrated file upload capabilities.
Key Characteristics
- Universal: Works in both Node.js (>=18) and browser environments
- Zero dependencies: Built on native
fetchAPI - TypeScript first: Full type definitions included
- Dual build: ESM + CJS support
- Integrated upload: Hash calculation → signed URL retrieval → upload → completion in one call
Tech Stack
- TypeScript (strict mode)
- fetch API (no axios)
- SHA-256 hashing (node:crypto / Web Crypto API)
- ESM + CJS dual build
Installation
npm install @xrift/sdk
Quick Start
import { XriftClient, getMimeType } from '@xrift/sdk';
const client = new XriftClient({
token: process.env.XRIFT_TOKEN!,
});
// Upload a world
const result = await client.worlds.upload(
[
{
remotePath: 'scene.glb',
data: fileData, // Uint8Array or ArrayBuffer
size: fileData.byteLength,
contentType: getMimeType('scene.glb'),
},
],
{
name: 'My World',
},
);
console.log(`Uploaded: ${result.worldId} v${result.versionNumber}`);
Upload Flow
The upload() method (on both WorldsApi and ItemsApi) executes these steps internally:
- Determine ID — Use provided
worldId/itemIdor create a new resource viacreate() - Calculate content hash — SHA-256 hash of all file data + config values (first 12 hex chars)
- Calculate total file size — Sum of all
file.sizevalues - Get signed upload URLs — POST to
/upload-urlsendpoint with metadata and file list - Upload files — PUT each file to its signed URL with correct Content-Type header
- Complete upload — POST to
/completeendpoint with the version ID
All these steps are handled internally by upload() and cannot be called individually.
Error Handling
import { XriftAuthError, XriftApiError, XriftNetworkError } from '@xrift/sdk';
try {
await client.worlds.upload(files, options);
} catch (error) {
if (error instanceof XriftAuthError) {
// 401 - Invalid or expired token
} else if (error instanceof XriftApiError) {
// Other API errors (400, 403, 404, 500, etc.)
console.error(`Status: ${error.statusCode}, Body:`, error.responseBody);
} else if (error instanceof XriftNetworkError) {
// Network connectivity issues
console.error('Cause:', error.cause);
}
}
Error Hierarchy
XriftSdkError (base)
├── XriftApiError (HTTP errors with statusCode and responseBody)
│ └── XriftAuthError (HTTP 401)
└── XriftNetworkError (connectivity errors with cause)
Node.js vs Browser
| Aspect | Node.js | Browser |
|---|---|---|
| File reading | fs.readFile() → Uint8Array | File.arrayBuffer() → Uint8Array |
| Hash algorithm | node:crypto (createHash) | crypto.subtle.digest (Web Crypto API) |
| Token storage | Environment variables | Secure storage (not localStorage) |
| Minimum version | Node.js 18+ | Modern browsers with fetch + Web Crypto |