This is the Client ID of your application, provided to you by the Identity Provider you're using to authenticate users.
This is the Client Secret of your application, provided to you by the Identity Provider you're using to authenticate users.
Optional
codeThe code challenge method to use when sending the authorization request. This is used when the Identity Provider requires a code challenge to be sent with the authorization request.
Optional
cookieThe name of the cookie used to keep state and code verifier around.
The OAuth2 flow requires generating a random state and code verifier, and then checking that the state matches when the user is redirected back to the application. This is done to prevent CSRF attacks.
The state and code verifier are stored in a cookie, and this option allows you to customize the name of that cookie if needed.
The URL of your application where the Identity Provider will redirect the user after they've logged in or authorized your application.
Optional
scopesThe scopes you want to request from the Identity Provider, this is a list of strings that represent the permissions you want to request from the user.
The endpoint the Identity Provider uses to let's you exchange an access code for an access and refresh token.
Optional
tokenThe endpoint the Identity Provider uses to revoke an access or refresh token, this can be useful to log out the user.
The endpoint the Identity Provider asks you to send users to log in, or authorize your application.