The [OIDC](https://openid.net/specs/openid-connect-core-1_0-final.html) Auth provider configuration interface. An OIDC provider can be created via BaseAuth.createProviderConfig().
Signature:
export interface OIDCAuthProviderConfig extends BaseAuthProviderConfig
Extends: BaseAuthProviderConfig
Properties
Property | Type | Description |
---|---|---|
clientId | string | This is the required client ID used to confirm the audience of an OIDC provider's [ID token](https://openid.net/specs/openid-connect-core-1_0-final.html#IDToken). |
clientSecret | string | The OIDC provider's client secret to enable OIDC code flow. |
issuer | string | This is the required provider issuer used to match the provider issuer of the ID token and to determine the corresponding OIDC discovery document, eg. [/.well-known/openid-configuration ](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig). This is needed for the following:
|
responseType | OAuthResponseType | The OIDC provider's response object for OAuth authorization flow. |
OIDCAuthProviderConfig.clientId
This is the required client ID used to confirm the audience of an OIDC provider's [ID token](https://openid.net/specs/openid-connect-core-1_0-final.html#IDToken).
Signature:
clientId: string;
OIDCAuthProviderConfig.clientSecret
The OIDC provider's client secret to enable OIDC code flow.
Signature:
clientSecret?: string;
OIDCAuthProviderConfig.issuer
This is the required provider issuer used to match the provider issuer of the ID token and to determine the corresponding OIDC discovery document, eg. [/.well-known/openid-configuration
](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig). This is needed for the following:
- To verify the provided issuer.
- Determine the authentication/authorization endpoint during the OAuth
id_token
authentication flow. - To retrieve the public signing keys via
jwks_uri
to verify the OIDC provider's ID token's signature. - To determine the claims_supported to construct the user attributes to be returned in the additional user info response.
Signature:
issuer: string;
OIDCAuthProviderConfig.responseType
The OIDC provider's response object for OAuth authorization flow.
Signature:
responseType?: OAuthResponseType;