express-openid-connect
    Preparing search index...

    Interface RequestContext

    The request authentication context found on the Express request when OpenID Connect auth middleware is added to your application.

    app.use(auth());

    app.get('/profile', (req, res) => {
      const user = req.oidc.user;
      ...
    })
    interface RequestContext {
        accessToken?: AccessToken;
        customTokenExchange?: (
            options?: CustomTokenExchangeOptions,
        ) => Promise<TokenExchangeResponse>;
        idToken?: string;
        idTokenClaims?: IdTokenClaims;
        isAuthenticated: () => boolean;
        refreshToken?: string;
        user?: Record<string, any>;
        fetchUserInfo(): Promise<UserinfoResponse>;
    }
    Index

    Properties

    accessToken? customTokenExchange? idToken? idTokenClaims? isAuthenticated refreshToken? user?

    Methods

    fetchUserInfo

    Properties

    accessToken?: AccessToken

    Credentials that can be used by an application to access an API.

    See: https://auth0.com/docs/protocols/oidc#access-tokens

    customTokenExchange?: (
        options?: CustomTokenExchangeOptions,
    ) => Promise<TokenExchangeResponse>

    Performs a token exchange (RFC 8693) using the token endpoint.

    app.get('/api', requiresAuth(), async (req, res) => {
      const tokenSet = await req.oidc.customTokenExchange({
        audience: 'https://downstream-api.example.com',
      });
      res.json({ access_token: tokenSet.access_token });
    });

    Errors thrown:

    • HTTP 400 — AS rejected the request or subject_token could not be resolved (no session or no access token). err.error contains the OAuth error code
    • HTTP 401 — AS requires MFA step-up, err.error === 'mfa_required'

    Vendor-specific parameters must be passed via extra.

    idToken?: string

    The OpenID Connect ID Token.

    See: https://auth0.com/docs/protocols/oidc#id-tokens

    idTokenClaims?: IdTokenClaims

    An object containing all the claims of the ID Token.

    isAuthenticated: () => boolean

    Method to check the user's authenticated state, returns true if logged in.

    refreshToken?: string

    Credentials that can be used to refresh an access token.

    See: https://auth0.com/docs/tokens/concepts/refresh-tokens

    user?: Record<string, any>

    An object containing all the claims of the ID Token with the claims specified in identityClaimFilter removed.

    Methods

    • Fetches the OIDC userinfo response.

      app.use(auth());

      app.get('/user-info', async (req, res) => {
        const userInfo = await req.oidc.fetchUserInfo();
        res.json(userInfo);
      })

      Returns Promise<UserinfoResponse>

    Settings

    Member Visibility

    On This Page

    Properties
    Methods