Function clientSecretAuthProvider

  • Creates an OIDC Client Credentials Provider for non-browser contexts.

    Both browser and non-browser flows use OIDC, but the supported OIDC auth mechanisms differ between public (e.g. browser) clients, and confidential (e.g. Node) clients.

    This provider supports Client Credentials auth, where the client has previously been issued a ClientID and ClientSecret. Browser contexts should never use Client Credentials auth, as ClientSecrets are not secure for public client flows, and should use one of the other Authorization Code-based OIDC auth mechanisms instead.

    This just expects a clientId and clientSecret to be provided in the clientConfig, and will use that to grant tokens via the OIDC clientCredentials flow.

    The client's public key must be set in all OIDC token requests in order to recieve a token with valid Virtru claims. The public key may be passed to this provider's constructor, or supplied post-construction by calling updateClientPublicKey which will force an explicit token refresh

    Parameters

    • clientConfig: ClientSecretCredentials

    Returns Promise<OIDCClientCredentialsProvider>

Generated using TypeDoc