Parameters used to construct an OAuth 2.0 / OpenID Connect authorization request.
| Property | Type | Description |
|---|---|---|
acrValues? | string[] | Authentication Context Class Reference (ACR) values requesting specific authentication assurance levels or methods. |
authenticatorHint? | Authenticators | Hint to the authorization server indicating which authenticator or connection should be used. |
codeChallenge? | string | PKCE code challenge derived from the code verifier. Used to secure authorization code exchanges. |
codeChallengeMethod? | CodeChallengeMethod | Method used to generate the PKCE code challenge. |
display? | DisplayOptions | Preferred display mode for the authentication UI. |
loginHint? | string | Hint identifying the user (for example, email or username). Used to prefill or optimize the sign-in experience. |
maxAge? | number | Maximum acceptable time (in seconds) since the user last authenticated. If exceeded, the user may be required to sign in again. |
nonce? | string | A cryptographically random value included in the ID token to prevent replay attacks. |
prompt? | Prompt | Controls authentication interaction behavior. For example, forcing login or consent. |
redirectUri? | string | The redirect URI where the authorization server sends the user after authentication completes. |
request? | string | A signed JWT containing authorization request parameters. |
requestUri? | string | URI referencing a previously created authorization request (typically via Pushed Authorization Requests — PAR). When set, other authorization parameters may be ignored. |
resource? | string | Space-separated list of resource indicators that scope the issued access token. |
responseMode? | ResponseModes | Specifies how the authorization response is returned to the client. |
responseType? | ResponseTypes | Determines which artifacts are returned from the authorization endpoint. |
scopes? | string | Space-separated list of scopes requested during authentication. |
state? | string | A cryptographically random value used to maintain request state and protect against CSRF attacks. |
uiLocales? | string | Preferred UI language. |