Appearance
Configuration
INFO
The default configuration is great for most users. You might not need to tweak anything here.
The authorization server has a few optional settings with the following default values;
ts
type AuthorizationServerOptions = {
requiresPKCE: true;
requiresS256: false;
notBeforeLeeway: 0;
tokenCID: "id" | "name";
}
Option | Number | Default | Details |
---|---|---|---|
requiresPKCE | boolean | true | PKCE is enabled by default and recommended for all users. To support a legacy client without PKCE, disable this option. [Learn more] |
requiresS256 | boolean | true | Disabled by default. If you want to require all clients to use S256, you can enable that here. [Learn more] |
notBeforeLeeway | number | 0 | Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing a NumericDate value. |
tokenCID | "id" or "name" | "id" | Sets the JWT accessToken.cid to either the client.id or client.name .In 3.x the default is "id", in v2.x the default was "name". [Learn more] |
To configure these options, pass the value in as the last argument:
typescript
const authorizationServer = new AuthorizationServer(
clientRepository,
accessTokenRepository,
scopeRepository,
new JwtService("secret-key"),
{
requiresS256: true,
}
);