> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dfns.co/llms.txt
> Use this file to discover all available pages before exploring further.

# TypeScript SDK (server)

> Server-side SDK for integrating Dfns into Node.js backends

The TypeScript SDK provides typed access to the full Dfns API with automatic request signing. The server-side packages handle key-based signing for service accounts and backend services.

You can find the repository [here](https://github.com/dfns/dfns-sdk-ts).

## Installation

```bash theme={null}
npm i @dfns/sdk @dfns/sdk-keysigner
```

**Requirements:** Node 18+.

## Quick start

### 1. Read-only operations

For read-only operations (listing wallets, fetching balances, etc.), you only need an auth token:

```ts theme={null}
import { DfnsApiClient } from '@dfns/sdk'

const dfns = new DfnsApiClient({
  baseUrl: 'https://api.dfns.io',
  orgId: 'or-...',
  authToken: '...',
})

const { items } = await dfns.wallets.listWallets()
for (const wallet of items) {
  console.log(`${wallet.id}: ${wallet.network} ${wallet.address}`)
}
```

<Tip>
  For a quick test you can get your login token (short-lived) from the [Dfns Dashboard](https://app.dfns.io/) under `Settings` > `Personal Access Tokens`.
</Tip>

### 2. Signing requests

State-changing operations (creating wallets, signing transactions, etc.) require cryptographic request signing. Choose your approach based on where the private key lives:

<Tabs>
  <Tab title="Direct signing">
    Use `DfnsApiClient` with an `AsymmetricKeySigner` when your backend has direct access to the private key.

    ```ts theme={null}
    import { DfnsApiClient } from '@dfns/sdk'
    import { AsymmetricKeySigner } from '@dfns/sdk-keysigner'

    const signer = new AsymmetricKeySigner({
      credId: 'cr-...',
      privateKey: process.env.DFNS_PRIVATE_KEY!,
    })

    const dfns = new DfnsApiClient({
      baseUrl: 'https://api.dfns.io',
      orgId: 'or-...',
      authToken: '...',
      signer,
    })

    const wallet = await dfns.wallets.createWallet({
      body: { network: 'EthereumSepolia' },
    })
    console.log(`Created wallet: ${wallet.id}`)
    ```
  </Tab>

  <Tab title="Delegated signing">
    Use `DfnsDelegatedApiClient` when the private key is not on your backend (user passkeys, external KMS):

    ```ts theme={null}
    import { DfnsDelegatedApiClient } from '@dfns/sdk'

    const dfnsDelegated = new DfnsDelegatedApiClient({
      baseUrl: 'https://api.dfns.io',
      orgId: 'or-...',
      authToken: userAuthToken,
    })

    // Step 1: Initialize and get a challenge
    const challenge = await dfnsDelegated.wallets.createWalletInit({
      body: { network: 'EthereumSepolia' },
    })

    // Step 2: Send challenge to user's frontend for signing
    // ... user signs with passkey via frontend SDK ...

    // Step 3: Complete with the signed challenge
    const wallet = await dfnsDelegated.wallets.createWalletComplete(
      { body: { network: 'EthereumSepolia' } },
      signedChallenge,
    )
    ```
  </Tab>
</Tabs>

## Next steps

* **[Create a service account](/guides/developers/service-account)** for server-to-server authentication with long-lived tokens
* **[Development guide](/sdks/backend/typescript/development)** for detailed architecture and all available classes
* **[Delegated wallets](/guides/developers/delegated-wallets)** for implementing user passkey flows