Skip to main content

Momento web SDK for Javascript in browsers

Momento provides two JavaScript SDKs; one for Node.js and one for other web applications. The two SDKs have identical APIs, so your code will look the same except for import statements, but under the hood they are built for optimal performance and compatibility in different JavaScript runtime environments.

The Node.js SDK is best suited for server-side use cases. The Momento web SDK, however, allows developers to write JavaScript code that runs in a browser and communicates directly with Momento services. This allows you to avoid the typical overhead of building and operating your own web service to mediate cache or pub/sub calls between the browser and Momento. It also means one less hop for your web traffic, so you can get even better performance out of your browser application. The best of both worlds!

You can also use the web SDK in other non-Node.js JavaScript environments.

The Momento web SDK is available via the npm package @gomomento/sdk-web.

The source code can be found on github: momentohq/client-sdk-javascript.

Requirements

Resources

  • Momento Node.js Cheat Sheet: this cheat sheet targets the Node.js SDK, but the web SDK APIs are fully compatible.
  • Example Chat App: fully functional chat application built using the web SDK! chat screenshot
  • Web SDK Examples: working example projects that illustrate how to use the web SDK
  • COMING SOON: Taking your code to prod: Configuration and Error handling in the web SDK

Momento web SDK and Momento Topics

Momento Topics significantly simplifies publisher-subscriber communication in a browser. Traditionally, developers example of this is a chat application embedded in a website; you are not only building the client code for the browser, but the server-side code for routing all the communications.

This server-side complexity is eliminated by incorporating Momento Topics with the Momento web SDK. Developers can subscribe to Momento Topics directly from the browser. Momento then takes care of all communication when messages are published to the topic, eliminating the need for custom server-side infrastructure for WebSockets!

Using the web SDK for browsers

While the API calls are identical to the Momento node.js SDK, the import/require statement will consume the @gomomento/sdk-web package from npm, instead of @gomomento/sdk (which is the Node.js SDK).

Here's an example import statement for the web SDK:

import {CacheClient} from ‘@gomomento/sdk-web’;

Credentials for Browsers

In order for your browser application to communicate with Momento services, you will need to provide the browser with a Momento auth token. The recommended practice is to generate a Momento auth token that has expiring credentials for each browser session. This enables the app to distribute tokens without worrying about your data being compromised.

To create a Momento auth token for use in the browser, you will generally have a web application using another Momento SDK such as the node.js SDK. First, you will need to instantiate a Momento AuthClient:

new AuthClient({
credentialProvider: CredentialProvider.fromEnvironmentVariable({
environmentVariableName: 'MOMENTO_AUTH_TOKEN',
}),
});

Then you will use the generateAuthToken API to create a token that you can vend to the browser:

const generateTokenResponse = await authClient.generateAuthToken(AllDataReadWrite, ExpiresIn.minutes(30));
if (generateTokenResponse instanceof GenerateAuthToken.Success) {
console.log('Generated an auth token with AllDataReadWrite scope!');
// logging only a substring of the tokens, because logging security credentials is not advisable :)
console.log(`Auth token starts with: ${generateTokenResponse.authToken.substring(0, 10)}`);
console.log(`Refresh token starts with: ${generateTokenResponse.refreshToken.substring(0, 10)}`);
console.log(`Expires At: ${generateTokenResponse.expiresAt.epoch()}`);
}

For more information on Momento auth tokens, including TokenScope for authorization, and how to refresh expiring tokens, see Working with Momento auth tokens.

FAQ

Is the traffic from the browser encrypted?
As with all traffic with Momento services, the web SDK is fully encrypted on the wire. In addition, the SDK uses TLS 1.2+ encryption.