Data Types


Parameter object passed to the AuthManager.beginAuthSession(params) method in the Bytescale SDKs.

"accountId": "YOUR_ACCOUNT_ID",
"authHeaders": Function,
"authUrl": "https://your-web-app/your-auth-url",
"options": {
"cdnUrl": "https://your-custom-cname"
"serviceWorkerScript": "/bytescale-auth-sw.js"

Your account ID.

This is visible on the settings page:

Example: "A623uY2"

Type: String

Length: 7

Parameterless function that returns a Promise containing the HTTP request headers to send to the authUrl (represented as a simple dictionary/object).

You must use this parameter to authorize with your authUrl.

Important: do not call 'AuthManager.beginAuthSession' or 'AuthManager.endAuthSession' inside this callback, as this will cause a deadlock.

Type: Function

The fully-qualified URL for your backend API's auth endpoint (the endpoint that returns a JWT as plain text).

Example: "https://your-web-app/your-auth-url"

Type: String

Min Length: 1

Max Length: 255

Optional parameters for the BeginAuthSessionParams.

Type: BeginAuthSessionParamsOptions

Enables JWT support for modern browsers that block third-party cookies (like Safari).

If this field is not set: then the AuthManager will attempt to use cookies to authorize file download and file transformation requests issued by the browser, e.g. from <img> elements, which some browsers may block.

If this field is set: then the AuthManager will attempt to use an Authorization header instead of a Cookie header to authenticate your requests by registering a "service worker" for the page. If the browser does not support service workers, then cookies will be used as a fallback.


Ensure the accountId field is set alongside the exp field in your JWT.

You must create a JavaScript file that contains the following line: importScripts("");

You must host this JavaScript file under the root directory of your website's domain (e.g. not

You must set the serviceWorkerScript parameter to the absolute path of this script when calling AuthManager.beginAuthSession.


Correct: "/bytescale-auth-sw.js"

Incorrect: "bytescale-auth-sw.js"

Incorrect: "/scripts/bytescale-auth-sw.js"

Incorrect: ""


Service workers can only interact with events raised by pages at the same level or below them, hence why your script must be hosted on your website's domain under the root directory.

Example: "/bytescale-auth-sw.js"

Type: String

Was this section helpful? Yes No

You are using an outdated browser.

This website requires a modern web browser -- the latest versions of these browsers are supported: