search

authts / oidc-client-ts

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
https://authts.github.io/oidc-client-ts/
Apache License 2.0
1.39k stars 209 forks source link

Does this library support introspection endpoint? #1084

Closed Sameer259310 closed 1 month ago

Sameer259310 commented 1 year ago

Most of the OIDC providers support introspection_endpoint to manage users session. It seems like, this library is supporting check_session_iframe endpoint, and not introspection endpoint. will it work with OIDC providers that are not supporting check_session_iframe endpoint for session management? (In my case, its Salesforce IDP)

pamapa commented 1 year ago

This library does not support introspection_endpoint. You will need to extend it to do so, you should be able to extend the classes (MetadataService, OidcClient) on your side.

Sameer259310 commented 1 year ago

As per my understanding from your response, we have to manually introspect token endpoint using these classes. By doing so, will we able to manage user session and token expiry or we have to write custom logic for that too?

pamapa commented 1 year ago

Yes, you will need to write code to do so. Would be nice if you could share that code here...

pamapa commented 1 month ago

This issue (question) staled some time ago, closing it for now.