interface ConstructorOptions {
    authorizationEndpoint: string | URL;
    clientId: string;
    clientSecret: null | string;
    codeChallengeMethod?: CodeChallengeMethod;
    cookie?: string | Omit<SetCookieInit, "value"> & { name: string };
    redirectURI: null | string | URL;
    scopes?: string[];
    tokenEndpoint: string | URL;
    tokenRevocationEndpoint?: string | URL;
}

Properties

authorizationEndpoint: string | URL

The endpoint the Identity Provider asks you to send users to log in, or authorize your application.

clientId: string

This is the Client ID of your application, provided to you by the Identity Provider you're using to authenticate users.

clientSecret: null | string

This is the Client Secret of your application, provided to you by the Identity Provider you're using to authenticate users.

codeChallengeMethod?: CodeChallengeMethod

The code challenge method to use when sending the authorization request. This is used when the Identity Provider requires a code challenge to be sent with the authorization request.

"CodeChallengeMethod.S256"
cookie?: string | Omit<SetCookieInit, "value"> & { name: string }

The name of the cookie used to keep state and code verifier around.

The OAuth2 flow requires generating a random state and code verifier, and then checking that the state matches when the user is redirected back to the application. This is done to prevent CSRF attacks.

The state and code verifier are stored in a cookie, and this option allows you to customize the name of that cookie if needed.

"oauth2"
redirectURI: null | string | URL

The URL of your application where the Identity Provider will redirect the user after they've logged in or authorized your application.

scopes?: string[]

The scopes you want to request from the Identity Provider, this is a list of strings that represent the permissions you want to request from the user.

tokenEndpoint: string | URL

The endpoint the Identity Provider uses to let's you exchange an access code for an access and refresh token.

tokenRevocationEndpoint?: string | URL

The endpoint the Identity Provider uses to revoke an access or refresh token, this can be useful to log out the user.