Auth0 Node.js SDK - v5.0.0
    Preparing search index...

    Class OAuth

    OAuth 2.0 flows.

    Hierarchy (View Summary)

    Index

    Constructors

    Methods

    • Use this endpoint to invalidate a Refresh Token if it has been compromised.

      The behaviour of this endpoint depends on the state of the Refresh Token Revocation Deletes Grant toggle. If this toggle is enabled, then each revocation request invalidates not only the specific token, but all other tokens based on the same authorization grant. This means that all Refresh Tokens that have been issued for the same user, application, and audience will be revoked. If this toggle is disabled, then only the refresh token is revoked, while the grant is left intact.

      See: https://auth0.com/docs/api/authentication#revoke-refresh-token

      Parameters

      Returns Promise<VoidApiResponse>

      const auth0 = new AuthenticationApi({
      domain: 'my-domain.auth0.com',
      clientId: 'myClientId'
      clientSecret: 'myClientSecret'
      });

      await auth0.oauth.revokeRefreshToken({ token: 'myrefreshtoken' })
    • Exchanges a subject token for an access token for the connection.

      The request body includes:

      • client_id (and client_secret/client_assertion via addClientAuthentication)
      • grant_type set to urn:auth0:params:oauth:grant-type:token-exchange:federated-connection-access-token
      • subject_token: the token to exchange
      • subject_token_type: the type of token being exchanged. Defaults to refresh tokens (urn:ietf:params:oauth:token-type:refresh_token).
      • requested_token_type (http://auth0.com/oauth/token-type/federated-connection-access-token) indicating that a federated connection access token is desired
      • connection name and an optional login_hint if provided

      Parameters

      Returns Promise<JSONApiResponse<TokenSet>>

      A promise with the token response data.

      An error if the exchange fails.

    Properties

    domain: string
    clientId: string
    clientSecret?: string
    clientAssertionSigningKey?: string
    clientAssertionSigningAlg?: string
    useMTLS?: boolean
    idTokenValidator: IDTokenValidator
    configuration: Configuration