Skip to main content

Config

The configuration object passed as a parameter in the OAuthContext constructor.

Parameters Description Type Requirements
tenantUrl The base URL which will direct users to Security Verify for authentication String Required
clientId The client ID string generated on your applications Sign-on page within Security Verify String Required
clientSecret The client secret string assigned to you by Security Verify. This data is used together with the client ID to authenticate the relying party and to exchange an authorization code for an ID token. String Required for Authorization Code Flow only
redirectUrl The address where Security Verify sends its authentication response to the relying party. String Required
responseType Authorization Flow value: code. Implicit Flow value: id_token or token or id_token with token String Required
storageType Set client side storage type. Default is sessionStorage. Options: sessionStorage, localStorage or cookies String Required for Implicit Flow only
registrationProfileId A pre-configured registration profile with a unique ID used to bind an authenticator instance to a user. Read more about Managing registration profiles. String Required
flowType Used by the SDK to determine which flow will get invoked by your application. Options: authorization, implicit, urn:ietf:params:oauth:grant-type:device_code or password. String Required
scope The openid scope is required to generate the id_token parameter String Required

Learn more about Security Verify's custom application configuration.

Example configuration settings:

Authorization Code Flow
// clientSecret is required for Authorization Code Flow
let config = {
  tenantUrl: process.env.TENANT_URL,
  clientId: process.env.CLIENT_ID,
  clientSecret: process.env.CLIENT_SECRET,
  registrationProfileId: process.env.REGISTRATION_PROFILE_ID,
  redirectUri: 'https://{redirectUrl}',
  responseType: 'code',
  flowType: 'authorization',
  scope: 'openid'
};

// Instantiate OAuthContext
authClient = new OAuthContext(config);
Implicit Flow
// storageType is required for Implicit Flow
let config = {
  tenantUrl: process.env.TENANT_URL,
  clientId: process.env.CLIENT_ID,
  registrationProfileId: process.env.REGISTRATION_PROFILE_ID,
  redirectUri: 'https://{redirectUrl}',
  responseType: 'code',
  flowType: 'authorization',
  scope: 'openid',
  storageType: 'sessionStorage'
};

// Instantiate OAuthContext
authClient = new OAuthContext(config);
Resource Owner Password Credentials Flow
let config = {
  tenantUrl: process.env.TENANT_URL,
  clientId: process.env.CLIENT_ID,
  registrationProfileId: process.env.REGISTRATION_PROFILE_ID,
  redirectUri: 'https://{redirectUrl}',
  responseType: 'code',
  flowType: 'authorization',
  scope: 'openid',
};

// Instantiate OAuthContext
authClient = new OAuthContext(config);
Device Flow
let config = {
  tenantUrl: process.env.TENANT_URL,
  clientId: process.env.CLIENT_ID,
  registrationProfileId: process.env.REGISTRATION_PROFILE_ID,
  redirectUri: 'https://{redirectUrl}',
  responseType: 'code',
  flowType: 'authorization',
  scope: 'openid',
};

// Instantiate OAuthContext
authClient = new OAuthContext(config);