Skip to main content

SDKs

Phosra provides official SDKs to accelerate your integration. All SDKs wrap the REST API and provide typed interfaces, automatic retries, and token management.

Available SDKs

TypeScript SDK

Full-featured SDK for Node.js and browser applications. Typed interfaces for all 80 endpoints.
npm install @phosra/sdk

MCP Server

Model Context Protocol server for AI agent integration. Works with Claude, GPT, and other MCP-compatible agents.
npx @phosra/mcp --api-key=KEY

iOS SDK

On-device child safety enforcement using FamilyControls, ManagedSettings, and DeviceActivity.
// iOS SDK — contact developers@phosra.com for the private repo URL

Android SDK

On-device enforcement using UsageStatsManager, VpnService, DevicePolicyManager, and AccessibilityService.
// Android SDK — distributed privately (not on Maven Central yet).
// Email developers@phosra.com for the repo/AAR.

Published packages

These are the packages actually on the public npm registry today. Versions verified against npm view — pin the ones you use.
PackageVersionWhat it doesPage
@phosra/sdk0.1.0Typed control-plane client (PhosraClient) — families, children, policies, rules, enforcementTypeScript SDK
@openchildsafety/ocss0.1.3The vendor-neutral OCSS reference library — sign/verify receipts, sealed envelopes, trust list, vocabularyDeveloper SDK
@phosra/link0.1.2Writer-plane SDK — the consent ceremony + signed rule-write directives (directive, convergeFamily)Link
@phosra/gatekeeper0.2.2Platform-side SDK — verify signed profiles, run the local decision engine, send §8.3.8 receipts
@phosra/connect0.1.1Embeddable Connect component (the “Plaid Link” for parental-controls apps) — web + React Native
@phosra/mcp0.4.0MCP server exposing Phosra tools to AI agents (npx @phosra/mcp)MCP Server
@phosra/cli0.2.0Partner CLI — scaffold configs, verify OCSS setup, sandbox round-trip checks (npx @phosra/cli)
@phosra/provider0.1.0Provider-side helpers over @openchildsafety/ocss
@phosra/classify0.1.1Rule-category classification helpers
The native iOS and Android enforcement SDKs are distributed privately (not on npm/Maven Central yet) — see iOS SDK and Android SDK, or email developers@phosra.com for repo access. There is no published @ocss/* npm scope; the open standard’s library ships under @openchildsafety/*.

Language coverage

Phosra ships a first-party TypeScript SDK today. Every other language talks to the same plain-JSON REST API directly — no SDK required, and the Quickstart proves the curl / Python / Go paths run copy-paste against the live sandbox.
LanguageHow you call PhosraStatus
TypeScript / JavaScript@phosra/sdk — typed PhosraClientPublished
Shellcurl against the REST APIWorks today
Pythonrequests (or stdlib urllib) against the REST APIWorks today
Gonet/http against the REST APIWorks today
Python SDKfirst-party typed clientPlanned

Generate a typed client in any language

Need Python, Go, Java, Rust, or C#? The OpenAPI spec drives standard code generators to produce a fully-typed client in about a minute. The Generate a client in your language guide runs the real commands (openapi-generator-cli for Python/Go/Java, openapi-typescript for TS) against the live sandbox and pastes the actual output — including a generated-client call that returns 201.

Generate a client in your language

Worked TypeScript, Python, and Go clients from the hosted spec — verified copy-paste, plus which-spec guidance and the RFC 9421 data-plane caveat.

SDK Comparison

FeatureTypeScriptMCPiOSAndroid
PlatformNode.js / BrowserAI AgentsiOS 16+Android 8.0+
Auth methodsAPI key, Bearer, Device keyAPI keyParent JWT, Device keyParent JWT, Device key
InstallnpmnpxSPMGradle
On-device enforcementFamilyControlsUsageStats + VPN
Policy syncAPNs + pollingFCM + WorkManager
ReportingEnforcement + screen timeEnforcement + screen time

Direct API Access

All SDKs are optional. The REST API is plain JSON over HTTPS — call it from any language. Every tab leads with the open sandbox (https://phosra-api-sandbox-production.up.railway.app) so your first copy-paste returns 201 with no API key. The same one-call setup in four languages:
# Sandbox-first — no Authorization header needed.
curl -X POST https://phosra-api-sandbox-production.up.railway.app/api/v1/setup/quick \
  -H "Content-Type: application/json" \
  -d '{"child_name":"Emma","birth_date":"2016-03-15","strictness":"recommended"}'
Going to production. Swap the sandbox baseUrl for the production host (https://prodapi.phosra.com/api/v1) and add a phosra_ API key. The raw HTTP tabs send the key as Authorization: Bearer (the canonical header) against the /developer/* prefix; the TypeScript PhosraClient sends the same key as the X-Api-Key header internally — both are accepted. See Authentication.

Get your API key

Sign up at dashboard.phosra.com/signup and mint a key on the Keys page — phosra_test_… for the sandbox, phosra_live_… for production.
Want the full zero-to-enforcement walkthrough? The Quickstart runs the same calls against the open sandbox — no auth needed.
See the API Reference for complete endpoint documentation, and the Errors reference for every status code, error class, and its fix.