Core API reference for the Aortem auth client
The SDK surface is intentionally small: initialize once, authenticate against a provider, inspect session state, and close sessions predictably.
Client initialization
`AortemAuth` owns provider registration, session lifecycle management, and redirect coordination. Instantiate it at application bootstrap and keep it available through your state or dependency injection layer.
Constructor
Creates a client bound to an environment and base API endpoint.
initialize
Registers client identity, redirect URIs, and enabled providers.
session
Exposes current session inspection, refresh control, and token metadata.
Login methods
Login is provider-driven, but the method contract stays stable. Scopes, prompt behavior, and provider extras can be configured at call time without changing how the rest of the application handles authenticated state.
Session APIs
Session inspection is designed for gating routes, requesting access tokens, and forcing refreshes before downstream API calls fail. Keep session logic centralized so views do not each invent their own auth handling.
Logout semantics
The logout path should remove local session state even when upstream revocation is unavailable. Treat remote revocation as a best-effort hardening step, not the only mechanism clearing authenticated state.