Core configuration options for the SDK.
These options define how the SDK communicates with your MonoCloud tenant, manages sessions, and performs authentication flows.
| Property | Type | Description |
|---|---|---|
allowQueryParamOverrides? | boolean | Allows authorization parameters to be overridden using query parameters. When disabled, parameters such as scope, resource, prompt, and login_hint present in the request URL are ignored and cannot modify the authentication request. |
appUrl | string | Base URL where the application is hosted. Used to construct redirect URLs and validate requests. |
clientId | string | Client identifier of the application registered in MonoCloud. |
clientSecret? | string | Optional client secret used for confidential clients. |
clockSkew | number | Allowed clock skew (in seconds) when validating token timestamps. |
cookieSecret | string | Secret used to encrypt and sign authentication cookies. This value should be long, random, and kept private. |
debugger | string | Identifier used for internal debugging/logging. |
defaultAuthParams | AuthorizationParams | Default authorization parameters included in authentication requests. |
federatedSignOut | boolean | When true, signing out also logs the user out of MonoCloud (Single Sign-Out). |
fetchUserInfo | boolean | Fetch user profile data from the UserInfo endpoint after authentication completes. |
filteredIdTokenClaims | string[] | List of ID token claims that should be removed before storing data in the session. |
idTokenSigningAlg | SecurityAlgorithms | Expected signing algorithm for ID tokens. |
jwksCacheDuration? | number | Duration (in seconds) to cache the JWKS document. |
metadataCacheDuration? | number | Duration (in seconds) to cache OpenID discovery metadata. |
onBackChannelLogout? | OnBackChannelLogout | Invoked when a back-channel logout request is received. |
onSessionCreating? | OnSessionCreating | Invoked before a session is created or updated. Can be used to modify session data or attach custom fields. |
onSetApplicationState? | OnSetApplicationState | Invoked before authentication begins to attach custom application state. |
postLogoutRedirectUri? | string | URL to redirect users to after logout completes. |
refetchUserInfo | boolean | Refetch user profile data whenever the application's UserInfo endpoint is invoked. |
resources? | Indicator[] | Optional resource indicators available when requesting tokens via getTokens(). |
responseTimeout | number | Maximum time (in milliseconds) to wait for responses from the MonoCloud authorization server. |
routes | MonoCloudRoutes | Route paths used by MonoCloud authentication handlers. |
session | MonoCloudSessionOptionsBase | Session configuration. |
state | MonoCloudStateOptions | Authentication state configuration. |
strictProfileSync? | boolean | Determines how user profile is updated when the session is updated. When enabled, the session user profile is fully replaced with a newly constructed profile derived from the latest ID token and, if applicable, the UserInfo response. |
tenantDomain | string | MonoCloud tenant domain (for example, https://your-tenant.us.monocloud.com). |
usePar | boolean | Enables Pushed Authorization Requests (PAR). When enabled, authorization parameters are sent securely via the PAR endpoint instead of the browser. |
userAgent | string | Custom User-Agent value sent with requests to MonoCloud. |