# Wocha > Wocha is an authentication and multi-tenancy platform with OAuth/OIDC login, SpiceDB relationship-based permissions, SCIM directory sync, feature flags, and webhooks. SDKs cover Next.js, React, Vue, Express, Python, Go, and more. Important notes: - Wocha Cloud issuer URLs follow `https://{tenant}.auth.wocha.ai`; Management API at `https://{tenant}.api.wocha.ai/v1` - Browser SPAs use PKCE with a public OAuth client; Next.js/Nuxt/SvelteKit use confidential clients with server-side BFF sessions - Authorisation uses SpiceDB tuples — not JWT role claims alone - Agent skills for AI-assisted integration: `npx skills add @wocha/skills` ## Getting started - [Getting started](https://docs.wocha.ai/getting-started): Create a tenant, collect credentials, install an SDK, and test login in under 10 minutes ## Quickstarts - [Next.js quickstart](https://docs.wocha.ai/quickstarts/nextjs): App Router auth with middleware and server helpers - [React quickstart](https://docs.wocha.ai/quickstarts/react): React SPA with PKCE and protected routes - [Vue quickstart](https://docs.wocha.ai/quickstarts/vue): Vue 3 SPA with composables and router guards - [SvelteKit quickstart](https://docs.wocha.ai/quickstarts/sveltekit): BFF pattern with encrypted cookie sessions - [React Native quickstart](https://docs.wocha.ai/quickstarts/react-native): Mobile OAuth with deep link callbacks - [Express quickstart](https://docs.wocha.ai/quickstarts/express): JWT validation and Management API for admin tasks - [FastAPI quickstart](https://docs.wocha.ai/quickstarts/fastapi): Python API JWT middleware and wocha SDK - [Django quickstart](https://docs.wocha.ai/quickstarts/django): OIDC browser sessions and DRF JWT validation - [Rails quickstart](https://docs.wocha.ai/quickstarts/rails): OmniAuth OIDC and API JWT validation - [Go quickstart](https://docs.wocha.ai/quickstarts/go): Go HTTP middleware and wocha-go Management SDK ## SDK reference - [TypeScript SDK](https://docs.wocha.ai/sdk/typescript): Management API client for Node.js and TypeScript - [Next.js SDK](https://docs.wocha.ai/sdk/nextjs): App Router adapter with server-side OAuth and encrypted cookies - [React SDK](https://docs.wocha.ai/sdk/react): Hooks and headless components for React SPAs - [Vue SDK](https://docs.wocha.ai/sdk/vue): Vue 3 composables and headless components - [Nuxt SDK](https://docs.wocha.ai/sdk/nuxt): Nuxt 3 module with server-side OAuth - [Remix SDK](https://docs.wocha.ai/sdk/remix): Remix adapter with server-side OAuth sessions - [SvelteKit SDK](https://docs.wocha.ai/sdk/sveltekit): SvelteKit adapter with BFF sessions - [Angular SDK](https://docs.wocha.ai/sdk/angular): Angular service, guard, and callback component - [React Native SDK](https://docs.wocha.ai/sdk/react-native): Mobile OAuth for React Native and Expo - [Express SDK](https://docs.wocha.ai/sdk/express): JWT validation, session cookies, and permission middleware - [Python SDK](https://docs.wocha.ai/sdk/python): Python Management API client - [Go SDK](https://docs.wocha.ai/sdk/go): Go Management API client - [CLI](https://docs.wocha.ai/sdk/cli): Scaffold projects, local sandbox, migrate, and webhook tools - [UI Components](https://docs.wocha.ai/sdk/ui): Themed React components for sign-in and user management - [Testing Library](https://docs.wocha.ai/sdk/testing): Mock providers, test tokens, Playwright/Cypress helpers - [Terraform Provider](https://docs.wocha.ai/sdk/terraform): Infrastructure-as-code for Wocha resources - [MCP Server](https://docs.wocha.ai/sdk/mcp): Model Context Protocol server for AI agent Management API access ## API reference - [API reference](https://docs.wocha.ai/api-reference): Interactive OpenAPI reference for the Wocha Customer API (~100+ endpoints) ## Webhooks - [Webhooks overview](https://docs.wocha.ai/webhooks/overview): Signed HTTP delivery, retry policy, and handler patterns - [Event catalogue](https://docs.wocha.ai/webhooks/event-catalogue): Complete reference for all webhook event types - [Next.js webhook example](https://docs.wocha.ai/webhooks/examples/nextjs): App Router route with signature verification - [Express webhook example](https://docs.wocha.ai/webhooks/examples/express): Express middleware for verified delivery - [Python webhook example](https://docs.wocha.ai/webhooks/examples/python): FastAPI and Flask handlers - [Go webhook example](https://docs.wocha.ai/webhooks/examples/go): Go HTTP handler with webhook SDK ## Guides - [Choosing components](https://docs.wocha.ai/guides/component-architecture): Headless SDK components vs styled UI library - [Passkeys (WebAuthn)](https://docs.wocha.ai/guides/passkeys): Phishing-resistant authentication with passkeys - [Migrate from Auth0](https://docs.wocha.ai/guides/migrate-from-auth0): User import, SDK replacement, and webhook remapping - [Migrate from Clerk](https://docs.wocha.ai/guides/migrate-from-clerk): Organisation and component migration paths ## Errors - [Error reference](https://docs.wocha.ai/errors): Complete API error code reference - [authentication_error](https://docs.wocha.ai/errors/authentication-error): Invalid or missing API credentials - [permission_denied](https://docs.wocha.ai/errors/permission-denied): Scope, permission, and plan limit failures - [validation_error](https://docs.wocha.ai/errors/validation-error): Field-level validation errors - [rate_limit_exceeded](https://docs.wocha.ai/errors/rate-limit-exceeded): Rate limiting and retry guidance - [token_expired](https://docs.wocha.ai/errors/token-expired): Access, refresh, and ID token lifecycle - [invalid_configuration](https://docs.wocha.ai/errors/invalid-configuration): SDK and OAuth configuration errors - [webhook_verification_failed](https://docs.wocha.ai/errors/webhook-verification): Webhook signature verification failures ## Agent skills Install Wocha agent skills for AI coding assistants: ```bash npx skills add @wocha/skills ``` Skills cover framework auto-detection, migration, MFA, organisations, permissions, webhooks, testing, CLI, enterprise features, and feature flags. ## Optional - [Changelog](https://docs.wocha.ai/docs/changelog): Platform and SDK release notes synced from the monorepo CHANGELOG (current SDK line 0.1.0) - [OpenAPI spec](https://github.com/wocha-dev/wocha/blob/main/apps/platform-api/openapi.yaml): Full OpenAPI 3.1 specification (source) - [GitHub repository](https://github.com/wocha-dev/wocha): Source code, examples, and issue tracker - [Wocha Console](https://console.wocha.ai): Project dashboard, credentials, and connection management - [Status page](https://docs.wocha.ai/status): Platform availability and incident history