deno.land / x / oauth4webapi@v1.2.2 / docs / interfaces / AuthorizationServer.md
Interface: AuthorizationServer
Authorization Server Metadata
see IANA OAuth Authorization Server Metadata registry
Table of contents
Properties
- issuer
- acr_values_supported
- authorization_encryption_alg_values_supported
- authorization_encryption_enc_values_supported
- authorization_endpoint
- authorization_response_iss_parameter_supported
- authorization_signing_alg_values_supported
- backchannel_authentication_endpoint
- backchannel_authentication_request_signing_alg_values_supported
- backchannel_logout_session_supported
- backchannel_logout_supported
- backchannel_token_delivery_modes_supported
- backchannel_user_code_parameter_supported
- check_session_iframe
- claim_types_supported
- claims_locales_supported
- claims_parameter_supported
- claims_supported
- code_challenge_methods_supported
- device_authorization_endpoint
- display_values_supported
- dpop_signing_alg_values_supported
- end_session_endpoint
- frontchannel_logout_session_supported
- frontchannel_logout_supported
- grant_types_supported
- id_token_encryption_alg_values_supported
- id_token_encryption_enc_values_supported
- id_token_signing_alg_values_supported
- introspection_encryption_alg_values_supported
- introspection_encryption_enc_values_supported
- introspection_endpoint
- introspection_endpoint_auth_methods_supported
- introspection_endpoint_auth_signing_alg_values_supported
- introspection_signing_alg_values_supported
- jwks_uri
- mtls_endpoint_aliases
- op_policy_uri
- op_tos_uri
- pushed_authorization_request_endpoint
- registration_endpoint
- request_object_encryption_alg_values_supported
- request_object_encryption_enc_values_supported
- request_object_signing_alg_values_supported
- request_parameter_supported
- request_uri_parameter_supported
- require_pushed_authorization_requests
- require_request_uri_registration
- require_signed_request_object
- response_modes_supported
- response_types_supported
- revocation_endpoint
- revocation_endpoint_auth_methods_supported
- revocation_endpoint_auth_signing_alg_values_supported
- scopes_supported
- service_documentation
- signed_metadata
- subject_types_supported
- tls_client_certificate_bound_access_tokens
- token_endpoint
- token_endpoint_auth_methods_supported
- token_endpoint_auth_signing_alg_values_supported
- ui_locales_supported
- userinfo_encryption_alg_values_supported
- userinfo_encryption_enc_values_supported
- userinfo_endpoint
- userinfo_signing_alg_values_supported
Properties
issuer
• Readonly issuer: string
Authorization server's Issuer Identifier URL.
acr_values_supported
• Optional Readonly acr_values_supported: string[]
JSON array containing a list of the Authentication Context Class References that this authorization server supports.
authorization_encryption_alg_values_supported
• Optional Readonly authorization_encryption_alg_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for
introspection response encryption (alg value).
authorization_encryption_enc_values_supported
• Optional Readonly authorization_encryption_enc_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for
introspection response encryption (enc value).
authorization_endpoint
• Optional Readonly authorization_endpoint: string
URL of the authorization server's authorization endpoint.
authorization_response_iss_parameter_supported
• Optional Readonly authorization_response_iss_parameter_supported: boolean
Boolean value indicating whether the authorization server provides the iss parameter in the
authorization response.
authorization_signing_alg_values_supported
• Optional Readonly authorization_signing_alg_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for introspection response signing.
backchannel_authentication_endpoint
• Optional Readonly backchannel_authentication_endpoint: string
CIBA Backchannel Authentication Endpoint.
backchannel_authentication_request_signing_alg_values_supported
• Optional Readonly backchannel_authentication_request_signing_alg_values_supported: string[]
JSON array containing a list of the JWS signing algorithms supported for validation of signed CIBA authentication requests.
backchannel_logout_session_supported
• Optional Readonly backchannel_logout_session_supported: boolean
Boolean value specifying whether the authorization server can pass a sid (session ID) Claim
in the Logout Token to identify the RP session with the OP.
backchannel_logout_supported
• Optional Readonly backchannel_logout_supported: boolean
Boolean value specifying whether the authorization server supports back-channel logout.
backchannel_token_delivery_modes_supported
• Optional Readonly backchannel_token_delivery_modes_supported: string[]
Supported CIBA authentication result delivery modes.
backchannel_user_code_parameter_supported
• Optional Readonly backchannel_user_code_parameter_supported: boolean
Indicates whether the authorization server supports the use of the CIBA user_code parameter.
check_session_iframe
• Optional Readonly check_session_iframe: string
URL of an authorization server iframe that supports cross-origin communications for session state information with the RP Client, using the HTML5 postMessage API.
claim_types_supported
• Optional Readonly claim_types_supported: string[]
JSON array containing a list of the Claim Types that the authorization server supports.
claims_locales_supported
• Optional Readonly claims_locales_supported: string[]
Languages and scripts supported for values in Claims being returned, represented as a JSON array of RFC 5646 language tag values.
claims_parameter_supported
• Optional Readonly claims_parameter_supported: boolean
Boolean value specifying whether the authorization server supports use of the claims
parameter.
claims_supported
• Optional Readonly claims_supported: string[]
JSON array containing a list of the Claim Names of the Claims that the authorization server MAY be able to supply values for.
code_challenge_methods_supported
• Optional Readonly code_challenge_methods_supported: string[]
PKCE code challenge methods supported by this authorization server.
device_authorization_endpoint
• Optional Readonly device_authorization_endpoint: string
URL of the authorization server's device authorization endpoint.
display_values_supported
• Optional Readonly display_values_supported: string[]
JSON array containing a list of the display parameter values that the authorization server
supports.
dpop_signing_alg_values_supported
• Optional Readonly dpop_signing_alg_values_supported: string[]
JSON array containing a list of the JWS algorithms supported for DPoP proof JWTs.
end_session_endpoint
• Optional Readonly end_session_endpoint: string
URL at the authorization server to which an RP can perform a redirect to request that the End-User be logged out at the authorization server.
frontchannel_logout_session_supported
• Optional Readonly frontchannel_logout_session_supported: boolean
Boolean value specifying whether the authorization server can pass iss (issuer) and sid
(session ID) query parameters to identify the RP session with the authorization server when the
frontchannel_logout_uri is used.
frontchannel_logout_supported
• Optional Readonly frontchannel_logout_supported: boolean
Boolean value specifying whether the authorization server supports HTTP-based logout.
grant_types_supported
• Optional Readonly grant_types_supported: string[]
JSON array containing a list of the grant_type values that this authorization server
supports.
id_token_encryption_alg_values_supported
• Optional Readonly id_token_encryption_alg_values_supported: string[]
JSON array containing a list of the JWE alg values supported by the authorization server for
the ID Token.
id_token_encryption_enc_values_supported
• Optional Readonly id_token_encryption_enc_values_supported: string[]
JSON array containing a list of the JWE enc values supported by the authorization server for
the ID Token.
id_token_signing_alg_values_supported
• Optional Readonly id_token_signing_alg_values_supported: string[]
JSON array containing a list of the JWS alg values supported by the authorization server for
the ID Token.
introspection_encryption_alg_values_supported
• Optional Readonly introspection_encryption_alg_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for
introspection response content key encryption (alg value).
introspection_encryption_enc_values_supported
• Optional Readonly introspection_encryption_enc_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for
introspection response content encryption (enc value).
introspection_endpoint
• Optional Readonly introspection_endpoint: string
URL of the authorization server's introspection endpoint.
introspection_endpoint_auth_methods_supported
• Optional Readonly introspection_endpoint_auth_methods_supported: string[]
JSON array containing a list of client authentication methods supported by this introspection endpoint.
introspection_endpoint_auth_signing_alg_values_supported
• Optional Readonly introspection_endpoint_auth_signing_alg_values_supported: string[]
JSON array containing a list of the JWS signing algorithms supported by the introspection endpoint for the signature on the JWT used to authenticate the client at the introspection endpoint.
introspection_signing_alg_values_supported
• Optional Readonly introspection_signing_alg_values_supported: string[]
JSON array containing a list of algorithms supported by the authorization server for introspection response signing.
jwks_uri
• Optional Readonly jwks_uri: string
URL of the authorization server's JWK Set document.
mtls_endpoint_aliases
• Optional Readonly mtls_endpoint_aliases: MTLSEndpointAliases
JSON object containing alternative authorization server endpoints, which a client intending to do mutual TLS will use in preference to the conventional endpoints.
op_policy_uri
• Optional Readonly op_policy_uri: string
URL that the authorization server provides to the person registering the client to read about the authorization server's requirements on how the client can use the data provided by the authorization server.
op_tos_uri
• Optional Readonly op_tos_uri: string
URL that the authorization server provides to the person registering the client to read about the authorization server's terms of service.
pushed_authorization_request_endpoint
• Optional Readonly pushed_authorization_request_endpoint: string
URL of the authorization server's pushed authorization request endpoint.
registration_endpoint
• Optional Readonly registration_endpoint: string
URL of the authorization server's Dynamic Client Registration Endpoint.
request_object_encryption_alg_values_supported
• Optional Readonly request_object_encryption_alg_values_supported: string[]
JSON array containing a list of the JWE alg values supported by the authorization server for
Request Objects.
request_object_encryption_enc_values_supported
• Optional Readonly request_object_encryption_enc_values_supported: string[]
JSON array containing a list of the JWE enc values supported by the authorization server for
Request Objects.
request_object_signing_alg_values_supported
• Optional Readonly request_object_signing_alg_values_supported: string[]
JSON array containing a list of the JWS alg values supported by the authorization server for
Request Objects.
request_parameter_supported
• Optional Readonly request_parameter_supported: boolean
Boolean value specifying whether the authorization server supports use of the request
parameter.
request_uri_parameter_supported
• Optional Readonly request_uri_parameter_supported: boolean
Boolean value specifying whether the authorization server supports use of the request_uri
parameter.
require_pushed_authorization_requests
• Optional Readonly require_pushed_authorization_requests: boolean
Indicates whether the authorization server accepts authorization requests only via PAR.
require_request_uri_registration
• Optional Readonly require_request_uri_registration: boolean
Boolean value specifying whether the authorization server requires any request_uri values
used to be pre-registered.
require_signed_request_object
• Optional Readonly require_signed_request_object: boolean
Indicates where authorization request needs to be protected as Request Object and provided
through either request or request_uri parameter.
response_modes_supported
• Optional Readonly response_modes_supported: string[]
JSON array containing a list of the response_mode values that this authorization server
supports.
response_types_supported
• Optional Readonly response_types_supported: string[]
JSON array containing a list of the response_type values that this authorization server
supports.
revocation_endpoint
• Optional Readonly revocation_endpoint: string
URL of the authorization server's revocation endpoint.
revocation_endpoint_auth_methods_supported
• Optional Readonly revocation_endpoint_auth_methods_supported: string[]
JSON array containing a list of client authentication methods supported by this revocation endpoint.
revocation_endpoint_auth_signing_alg_values_supported
• Optional Readonly revocation_endpoint_auth_signing_alg_values_supported: string[]
JSON array containing a list of the JWS signing algorithms supported by the revocation endpoint for the signature on the JWT used to authenticate the client at the revocation endpoint.
scopes_supported
• Optional Readonly scopes_supported: string[]
JSON array containing a list of the scope values that this authorization server supports.
service_documentation
• Optional Readonly service_documentation: string
URL of a page containing human-readable information that developers might want or need to know when using the authorization server.
signed_metadata
• Optional Readonly signed_metadata: string
Signed JWT containing metadata values about the authorization server as claims.
subject_types_supported
• Optional Readonly subject_types_supported: string[]
JSON array containing a list of the Subject Identifier types that this authorization server supports.
tls_client_certificate_bound_access_tokens
• Optional Readonly tls_client_certificate_bound_access_tokens: boolean
Indicates authorization server support for mutual-TLS client certificate-bound access tokens.
token_endpoint
• Optional Readonly token_endpoint: string
URL of the authorization server's token endpoint.
token_endpoint_auth_methods_supported
• Optional Readonly token_endpoint_auth_methods_supported: string[]
JSON array containing a list of client authentication methods supported by this token endpoint.
token_endpoint_auth_signing_alg_values_supported
• Optional Readonly token_endpoint_auth_signing_alg_values_supported: string[]
JSON array containing a list of the JWS signing algorithms supported by the token endpoint for the signature on the JWT used to authenticate the client at the token endpoint.
ui_locales_supported
• Optional Readonly ui_locales_supported: string[]
Languages and scripts supported for the user interface, represented as a JSON array of language tag values from RFC 5646.
userinfo_encryption_alg_values_supported
• Optional Readonly userinfo_encryption_alg_values_supported: string[]
JSON array containing a list of the JWE alg values supported by the UserInfo Endpoint.
userinfo_encryption_enc_values_supported
• Optional Readonly userinfo_encryption_enc_values_supported: string[]
JSON array containing a list of the JWE enc values supported by the UserInfo Endpoint.
userinfo_endpoint
• Optional Readonly userinfo_endpoint: string
URL of the authorization server's UserInfo Endpoint.
userinfo_signing_alg_values_supported
• Optional Readonly userinfo_signing_alg_values_supported: string[]
JSON array containing a list of the JWS alg values supported by the UserInfo Endpoint.
Version Info
