Optional accessThe number of seconds before an access token is to expire to raise the accessTokenExpiring event (default: 60)
Optional acr_optional protocol param
The URL of the OIDC/OAuth2 provider
Optional automaticFlag to indicate if there should be an automatic attempt to renew the access token prior to its expiration. The automatic renew attempt starts 1 minute before the access token expires (default: true)
Optional checkInterval in seconds to check the user's session (default: 2)
Optional client_Client authentication method that is used to authenticate when using the token endpoint (default: "client_secret_post")
See https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
Your client application's identifier as registered with the OIDC/OAuth2
Optional client_Optional disablePKCEWill disable PKCE validation, changing to true will not append to sign in request code_challenge and code_challenge_method. (default: false)
Optional displayoptional protocol param
Optional extraAn object containing additional header to be including in request.
Optional extraAn object containing additional query string parameters to be including in the authorization request.
E.g, when using Azure AD to obtain an access token an additional resource parameter is required. extraQueryParams: {resource:"some_identifier"}
Optional extraOptional fetchSets the credentials for fetch requests. (default: "same-origin") Use this if you need to send cookies to the OIDC/OAuth2 provider or if you are using a proxy that requires cookies
Optional filterShould optional OIDC protocol claims be removed from profile or specify the ones to be removed (default: true) When true, the following claims are removed by default: ["nbf", "jti", "auth_time", "nonce", "acr", "amr", "azp", "at_hash"] When specifying claims, the following claims are not allowed: ["sub", "iss", "aud", "exp", "iat"]
Optional iframeThe target to pass while calling postMessage inside iframe for callback (default: window.location.origin)
Optional iframeThe script origin to check during 'message' callback execution while performing silent auth via iframe (default: window.location.origin)
Optional includeFlag to control if id_token is included as id_token_hint in silent renew calls (default: false)
Optional includeFlag to control if id_token is included as id_token_hint in silent signout calls (default: false)
Optional loadFlag to control if additional identity data is loaded from the user info endpoint in order to populate the user's profile (default: false)
Optional max_optional protocol param
Optional mergeIndicates how objects returned from the user info endpoint as claims (e.g. address) are merged into the claims from the
id token as a single object. (default: { array: "replace" })
Optional metadataProvide metadata when authority server does not allow CORS on the metadata endpoint
Optional metadataCan be used to seed or add additional values to the results of the discovery request
Optional metadataOptional monitorOptional monitorWill raise events for when user has performed a signout at the OP (default: false)
Optional popupThe features parameter to window.open for the popup signin window. By default, the popup is placed centered in front of the window opener. (default: { location: false, menubar: false, height: 640, closePopupWindowAfterInSeconds: -1 })
Optional popupThe target parameter to window.open for the popup signin window (default: "_blank")
Optional popup_Optional popup_The URL for the page containing the call to signinPopupCallback to handle the callback from the OIDC/OAuth2
Optional post_The OIDC/OAuth2 post-logout redirect URI
Optional promptoptional protocol param
Optional query_Optional redirectThe methods window.location method used to redirect (default: "assign")
Optional redirectThe methods target window being redirected (default: "self")
The redirect URI of your client application to receive a response from the OIDC/OAuth2 provider
Optional refreshOnly scopes in this list will be passed in the token refresh request.
Optional resourceoptional protocol param
Optional response_Optional protocol param The response mode used by the authority server is defined by the response_type unless explicitly specified:
Optional response_The type of response desired from the OIDC/OAuth2 provider (default: "code")
Optional revokeWill check the content type header of the response of the revocation endpoint to match these passed values (default: [])
Optional revokeThe token_type_hints to pass to the authority server by default (default: ["access_token", "refresh_token"])
Token types will be revoked in the same order as they are given here.
Optional revokeWill invoke the revocation endpoint on signout if there is an access token for the user (default: false)
Optional scopeThe scope being requested from the OIDC/OAuth2 provider (default: "openid")
Optional signingProvide signingKeys when authority server does not allow CORS on the jwks uri
Optional silentNumber of seconds to wait for the silent renew to return before assuming it has failed or timed out (default: 10)
Optional silent_The URL for the page containing the code handling the silent renew
Optional staleNumber (in seconds) indicating the age of state entries in storage for authorize requests that are considered abandoned and thus can be cleaned up (default: 900)
Optional stateStorage object used to persist interaction state (default: window.localStorage, InMemoryWebStorage iff no window).
E.g. stateStore: new WebStorageStateStore({ store: window.localStorage })
Optional stopOptional ui_optional protocol param
Optional userStorage object used to persist User for currently authenticated user (default: window.sessionStorage, InMemoryWebStorage iff no window).
E.g. userStore: new WebStorageStateStore({ store: window.localStorage })
Optional validateFlag to validate user.profile.sub in silent renew calls (default: true)
Generated using TypeDoc
The settings used to configure the UserManager.