React quickstart
Add Wocha authentication to a React SPA with PKCE.
Add Wocha sign-in to a React single-page application using @wocha/react. The SDK implements the OAuth 2.0 authorisation code flow with PKCE as a public client — no client secret required.
Prerequisites
- Node.js 18+
- React 18+ (Vite recommended)
- A Wocha project with a public OAuth application
- Redirect URI registered:
http://localhost:5173/callback
What you'll build
A React SPA with PKCE sign-in, callback handling, and session hooks for your components.
your-app.local
Welcome back
After sign-in
✓ Session stored securely
✓ User profile available in your app
✓ Organisation context ready for multi-tenant features
Installation
pnpm add @wocha/reactOr scaffold with the CLI
npx @wocha/cli init --framework react-spaEnvironment variables
Provider setup
Wrap your app in WochaProvider:
Callback route
Handle the OAuth redirect on /callback:
Sign in
Use the session hook to trigger login:
Next steps
- SDK reference — hooks, server helpers, and configuration options
- Webhooks overview — receive user and session lifecycle events
- Common patterns — protect routes, org switching, and role-based UI