Type: MonoCloudOidcBackendClientOptions

Extends

• MonoCloudClientOptionsBase

clientAuthMethod?

optional clientAuthMethod: ClientAuthMethod

Client authentication method used when communicating with the token endpoint.

clientId?

optional clientId: string

Client identifier of the application registered in MonoCloud.

clientSecret?

optional clientSecret: string | Jwk

Client secret or key material used for client authentication.

When clientAuthMethod is client_secret_jwt and a plain-text secret is provided, the default signing algorithm is HS256.

To use a different algorithm, provide a symmetric JSON Web Key (JWK) (kty: "oct") with the desired algorithm specified in its alg property.

clockSkew?

optional clockSkew: number

Number of seconds to adjust the current time to account for clock differences.

clockTolerance?

optional clockTolerance: number

Additional time tolerance in seconds for time-based claim validation.

fetcher()?

optional fetcher: {(input: URL | RequestInfo, init?: RequestInit): Promise<Response>; (input: string | URL | Request, init?: RequestInit): Promise<Response>; }

Optional custom fetch implementation used for network requests.

groupOptions?

optional groupOptions: IsUserInGroupOptions

Options for group membership validation applied to all token validations performed by this client.

jwksCacheDuration?

optional jwksCacheDuration: number

Duration (in seconds) to cache the JSON Web Key Set (JWKS) retrieved from the authorization server.

metadataCacheDuration?

optional metadataCacheDuration: number

Duration (in seconds) to cache OpenID Connect discovery metadata.