Quickstart (TypeScript)

This quickstart gets you to a working authorization check from a TypeScript process. If you prefer Python or Rust, see the SDK guides.

Prerequisites

Node.js 22 or later.
A Pore account. Sign up at pore.dev.
An API key from the console. Scope it check:read,grant:write for this quickstart.

1. Install the SDK

npm install @pore/sdk

2. Create a client

import { Pore } from "@pore/sdk";

const pore = new Pore({
  apiKey: process.env.PORE_API_KEY!,
});

The client reads the API key once and attaches it to every request as a bearer token. Keys are tenant-scoped — one key, one tenant, one scope mask.

3. Grant a relation

await pore.grants.create({
  subject: "user:alice",
  relation: "owner",
  object: "document:42",
});

Grants are tuples of (subject, relation, object). This call says “alice owns document 42.” The call is idempotent: if the tuple already exists, nothing changes and the existing grant is returned.

4. Check a relation

const { authorized } = await pore.check({
  subject: "user:alice",
  relation: "editor",
  object: "document:42",
});

console.log(authorized); // true

Notice we granted owner but checked editor. Pore’s inheritance hierarchy (owner ⊇ editor ⊇ viewer) authorizes alice as editor because she is the owner. See inheritance for the full rules.

5. Revoke when finished

await pore.grants.revoke({
  subject: "user:alice",
  relation: "owner",
  object: "document:42",
});

Revocation deletes the specific tuple. The underlying DELETE /v1/grants returns 204 on success and 404 if the tuple did not exist — the SDK surfaces this as a thrown error on not found. There are no negative tuples — the absence of a grant is what removes authorization.

Where to go next

Concepts: tuples — the data model in depth.
Concepts: agents and tenants — how Pore partitions your graph.
Recipes: agent permissions — patterns for letting AI agents act on behalf of users.