Creates a redirect URL that can be used to start an logout flow.
This method is useful when you want control over the actual redirection,
if you want browser to be redirected, call logoutWithRedirect
instead.
const url = createLogoutRedirectURL()
window.location.assign(url)
a URL where the browser should be redirected to in order to logout.
custom options that affects the logout flow.
Creates a redirect URL that can be used to start an authorization code request.
This method is useful when you want control over the actual redirection,
if you want browser to be redirected, call loginWithRedirect
instead.
const url = createRedirectURL()
window.location.assign(url)
a URL where the browser should be redirected to in order to login.
custom options that affects the authorization code process.
Start a signup by redirecting the current window.
createSignupUrl()
Returns an access token.
a promise which resolves to an access token string.
options to get an access token for a more specific authentication.
Returns an authenticated User.
a promise which resolves to a User or undefined if no authenticated user found.
options to get a user for a more specific authentication.
Call this method in order to complete authentication flow. this method should be called after the End-User successfully signs-in.
the URL returned from the authorization code endpoint, defaults to window.location.href
Call this method in order to complete logout flow. this method should be called after the End-User sucessfully logs out.
note that this method only works if the logout was performed for a specific client.
the URL returned from the logout endpoint, defaults to window.location.href
introspectAccessToken returns the decoded claims of the access token. handful for protecting spa routes by claims such 'scp'
note: this method does not actually perform idp introspection nor checks the validity of the token.
Starts a login by redirecting the current window.
loginWithRedirect()
options
Starts a logout by redirecting the current window.
logoutWithRedirect()
options
CrossidClient performs OAuth2 authorization code flow using the PKCE extension. A typical application will only need a sigle instance of this client. In more advanced cases, such as a single SPA app that requires interaction with multiple oauth2 clients, a client instance should be created per OAuth client id.