OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License
Bot releases are hidden (Show)
Published by panva 20 days ago
openid-client v6.x is a complete rewrite of the openid-client module, this is the first time since 0.1.0 (8 years ago) that the API has drastically changed. The new module structure and API focuses on three core principles:
To that end openid-client@6 no longer supports the full cartesian matrix of response types and response modes, it no longer supports issuing encrypted assertions, decrypting assertions is limited to only a few algorithms, it no longer supports Dynamic Client Registration or Management, and Self-Issued OpenID Provider responses are also not supported.
The new API makes basic setups simple while allowing some degree of complexity where needed.
openid-client@6 is an ESM module using ES2022 syntax and it depends on WebCryptoAPI and Fetch API globals being available in the JS runtime.
openid-client@6 is written in TypeScript and its exported types come with comment annotations.
(Node.js) Versions 20.x and newer have all the necessary globals. v18.x is being tested in CI as well with the --experimental-global-webcrypto
CLI flag.
(Node.js) CJS style let client = require('openid-client')
is possible in versions where process.features.require_module
is true
. This is a new Node.js feature slated to be released without a CLI flag in 23.x and 22.x