@auth0/nextjs-auth0 - v4.11.0
    Preparing search index...

    Class AuthClient

    Index

    Constructors

    Methods

    • Creates a new Fetcher instance with DPoP support and authentication capabilities.

      This method creates fetcher-scoped DPoP handles via oauth.DPoP(this.clientMetadata, this.dpopKeyPair!). Each fetcher instance maintains its own DPoP nonce state for isolation and security. It is recommended to create fetchers at module level and reuse them across requests

      Type Parameters

      • TOutput extends Response

      Parameters

      • options: FetcherFactoryOptions<TOutput>

        Configuration options for the fetcher

      Returns Promise<Fetcher<TOutput>>

      Promise resolving to a configured Fetcher instance

      const managementApi = await auth0.fetcherFactory({
      baseUrl: `https://${process.env.AUTH0_DOMAIN}/api/v2/`,
      session: await getSession(req, res)
      });

      // Use the same fetcher for multiple requests
      const users = await managementApi.get('users');
      const roles = await managementApi.get('roles');

      DPoP Nonce Management:

      • Each fetcher learns and caches nonces from the authorization server
      • Failed nonce validation triggers automatic retry with updated nonce
      • Nonce state is isolated between fetcher instances for security

      When DPoP is enabled but no keypair is configured

    • Filters and processes ID token claims for a session.

      If a beforeSessionSaved callback is configured, it will be invoked to allow custom processing of the session and ID token. Otherwise, default filtering will be applied to remove standard ID token claims from the user object.

      Parameters

      Returns Promise<SessionData>

    • Exchanges a refresh token for an access token for a connection.

      This method performs a token exchange using the provided refresh token and connection details. It first checks if the refresh token is present in the tokenSet. If not, it returns an error. Then, it constructs the necessary parameters for the token exchange request and performs the request to the authorization server's token endpoint.

      Parameters

      Returns Promise<[AccessTokenForConnectionError, null] | [null, ConnectionTokenSet]>

      A promise that resolves to a tuple. The first element is either an AccessTokenForConnectionError if an error occurred, or null if the request was successful. The second element is either null if an error occurred, or a ConnectionTokenSet object containing the access token, expiration time, and scope if the request was successful.

      If the refresh token is missing or if there is an error during the token exchange process.

    • Retrieves OAuth token sets, handling token refresh when necessary or if forced.

      Parameters

      Returns Promise<[SdkError, null] | [null, GetTokenSetResponse]>

      A tuple containing either:

      • [SdkError, null] if an error occurred (missing refresh token, discovery failure, or refresh failure)
      • [null, {tokenSet, idTokenClaims}] if a new token was retrieved, containing the new token set ID token claims
      • [null, {tokenSet, }] if token refresh was not done and existing token was returned
    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>