Skip to content

Oauth2Provider

Reference doc for the `Oauth2Provider`.

Use this to connect authentication providers that support OAuth 2.0.

import { Oauth2Provider } from "@openauthjs/openauth/provider/oauth2"
export default issuer({
providers: {
oauth2: Oauth2Provider({
clientID: "1234567890",
clientSecret: "0987654321",
endpoint: {
authorization: "https://auth.myserver.com/authorize",
token: "https://auth.myserver.com/token"
}
})
}
})

Methods

Oauth2Provider

Oauth2Provider(config)

Parameters

Returns Provider

Oauth2Config

Oauth2Config.clientID

Type string

The client ID.

This is just a string to identify your app.

{
clientID: "my-client"
}

Oauth2Config.clientSecret

Type string

The client secret.

This is a private key that’s used to authenticate your app. It should be kept secret.

{
clientSecret: "0987654321"
}

Oauth2Config.endpoint

Type Object

The URLs of the authorization and token endpoints.

{
endpoint: {
authorization: "https://auth.myserver.com/authorize",
token: "https://auth.myserver.com/token",
jwks: "https://auth.myserver.com/auth/keys"
}
}
Oauth2Config.endpoint.authorization

Type string

The URL of the authorization endpoint.

Oauth2Config.endpoint.jwks?

Type string

The URL of the JWKS endpoint.

Oauth2Config.endpoint.token

Type string

The URL of the token endpoint.

Oauth2Config.pkce?

Type boolean

Default false

Whether to use PKCE (Proof Key for Code Exchange) for the authorization code flow. Some providers like x.com require this.

Oauth2Config.query?

Type Record<string, string>

Any additional parameters that you want to pass to the authorization endpoint.

{
query: {
access_type: "offline",
prompt: "consent"
}
}

Oauth2Config.scopes

Type string[]

A list of OAuth scopes that you want to request.

{
scopes: ["email", "profile"]
}