Quickstart
Issue `user_token`
Give the product client a user-scoped credential that can call the Federation.
`user_token` must be issued by a trusted environment. Your backend uses Admin City and asks City for a token based on `city_id` + `user_id`.

```js
import { City } from "@downcity/city";

const admin = new City({
  role: "admin",
  federation_url: "https://base.example.com",
  city_id: "city_demo",
  admin_secret_key: process.env.DOWNCITY_FEDERATION_ADMIN_SECRET_KEY,
});

const user = await admin.tokens.apply({
  user_id: "user_123",
  metadata: {
    plan: "pro",
  },
  ttl: "7d",
});
```

Return `user.user_token` and `user.city_id` to the product client.
What metadata is for
`metadata` carries business context such as plan or organization into hooks:

```js
const action = service.action("generate", async (ctx) => {
  return generateSomething(ctx.input);
});

action.before(async (ctx) => {
  await quotaService.check({
    city_id: ctx.city?.city_id,
    user_id: ctx.user?.user_id,
    plan: ctx.user?.metadata?.plan,
  });
});
```

This is how multiple product clients share one auth and quota layer cleanly.
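Because hooks read `ctx.user.metadata.plan` for quota decisions, the backend that calls `admin.tokens.apply` should take `user_id` and `plan` from its own records, never from the request body. The sketch below is an added example, not code from the Downcity project: `req.session`, `planFor`, the plan names and the stub admin client are assumptions made so it runs offline; only `tokens.apply` and its arguments come from the quickstart above.

```javascript
// Added example, not Downcity's code. `req.session` is assumed to be set by
// your own login middleware; `planFor` is a hypothetical billing lookup.
const ALLOWED_PLANS = new Set(["free", "pro"]); // constructed plan names

// Build the tokens.apply() arguments from server-side state only.
// req.body is deliberately never read: a client must not choose its own
// user_id or plan, because hooks later trust ctx.user.metadata.plan.
function buildApplyRequest(req, planFor) {
  const userId = req.session && req.session.user_id;
  if (typeof userId !== "string" || userId === "") {
    throw new Error("unauthenticated: no server-side session");
  }
  const plan = planFor(userId);
  if (!ALLOWED_PLANS.has(plan)) {
    throw new Error(`no known plan for ${userId}`);
  }
  return { user_id: userId, metadata: { plan }, ttl: "7d" };
}

// `admin` is the admin City client from the quickstart (or a stub in tests).
// Only user_token and city_id are passed on to the product client.
async function issueUserToken(admin, req, planFor) {
  const user = await admin.tokens.apply(buildApplyRequest(req, planFor));
  return { user_token: user.user_token, city_id: user.city_id };
}

// Constructed request: the body tries to claim another user and a paid plan.
const sampleReq = {
  session: { user_id: "user_123" },
  body: { user_id: "user_999", metadata: { plan: "pro" } },
};
// Constructed stub standing in for the admin client so this runs offline.
const stubAdmin = {
  calls: [],
  tokens: {
    async apply(args) {
      stubAdmin.calls.push(args);
      return { user_token: "tok_constructed", city_id: "city_demo", extra: "dropped" };
    },
  },
};

issueUserToken(stubAdmin, sampleReq, () => "free").then((out) => {
  console.log(stubAdmin.calls[0], out);
});
```

The token is minted for `user_123` on the `free` plan regardless of what the body claimed, and the response carries only the two fields the product client needs.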