Firebase is back at Google I/O on May 14! Register now.

OIDCAuthProviderConfig interface

The [OIDC](https://openid.net/specs/openid-connect-core-1_0-final.html) Auth provider configuration interface. An OIDC provider can be created via BaseAuth.createProviderConfig().

Signature:

export interface OIDCAuthProviderConfig extends BaseAuthProviderConfig

Extends: BaseAuthProviderConfig

Properties

Property	Type	Description
clientId	string	This is the required client ID used to confirm the audience of an OIDC provider's [ID token](https://openid.net/specs/openid-connect-core-1_0-final.html#IDToken).
clientSecret	string	The OIDC provider's client secret to enable OIDC code flow.
issuer	string	This is the required provider issuer used to match the provider issuer of the ID token and to determine the corresponding OIDC discovery document, eg. [`/.well-known/openid-configuration`](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig). This is needed for the following: To verify the provided issuer. Determine the authentication/authorization endpoint during the OAuth `id_token` authentication flow. To retrieve the public signing keys via `jwks_uri` to verify the OIDC provider's ID token's signature. To determine the claims_supported to construct the user attributes to be returned in the additional user info response. ID token validation will be performed as defined in the [spec](https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation).
responseType	OAuthResponseType	The OIDC provider's response object for OAuth authorization flow.

OIDCAuthProviderConfig.clientId

This is the required client ID used to confirm the audience of an OIDC provider's [ID token](https://openid.net/specs/openid-connect-core-1_0-final.html#IDToken).

Signature:

clientId: string;

OIDCAuthProviderConfig.clientSecret

The OIDC provider's client secret to enable OIDC code flow.

Signature:

clientSecret?: string;

OIDCAuthProviderConfig.issuer

This is the required provider issuer used to match the provider issuer of the ID token and to determine the corresponding OIDC discovery document, eg. [/.well-known/openid-configuration](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig). This is needed for the following:

To verify the provided issuer.
Determine the authentication/authorization endpoint during the OAuth id_token authentication flow.
To retrieve the public signing keys via jwks_uri to verify the OIDC provider's ID token's signature.
To determine the claims_supported to construct the user attributes to be returned in the additional user info response.

ID token validation will be performed as defined in the [spec](https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation).

Signature:

issuer: string;

OIDCAuthProviderConfig.responseType

The OIDC provider's response object for OAuth authorization flow.

Signature:

responseType?: OAuthResponseType;