MonoCloud Authentication SDK
    Preparing search index...

    Class MonoCloudBackendNodeClient

    Backend client for validating access tokens in Node.js server applications.

    Extends the core OIDC backend client with caching support and automatic detection of JWT vs. opaque token formats.

    Hierarchy

    Index
    clockSkew clockTolerance constructor decodeJwt fetcher? getJwks getMetadata introspectAccessToken jwks? jwksCacheDuration jwksCacheExpiry metadata? metadataCacheDuration metadataCacheExpiry setClockSkew setClockTolerance tenantDomain validateAccessToken validateJwtAccessToken
    clockSkew: number = 0

    Number of seconds to adjust the current time to account for clock differences between the client and server during time-based claim validation. Defaults to 0.

    clockTolerance: number = 300

    Additional time tolerance in seconds applied when validating time-based claims (exp, nbf). Defaults to 300 (5 minutes).

    fetcher?: {
        (input: URL | RequestInfo, init?: RequestInit): Promise<Response>;
        (input: string | URL | Request, init?: RequestInit): Promise<Response>;
    }

    Custom fetch implementation used for making HTTP requests. Falls back to the global fetch if not provided.

    Type Declaration

      • (input: URL | RequestInfo, init?: RequestInit): Promise<Response>

      • MDN Reference

        Parameters

        • input: URL | RequestInfo
        • Optionalinit: RequestInit

        Returns Promise<Response>

      • (input: string | URL | Request, init?: RequestInit): Promise<Response>

      • MDN Reference

        Parameters

        • input: string | URL | Request
        • Optionalinit: RequestInit

        Returns Promise<Response>

    • Fetches the JSON Web Keys used to sign the ID token. The JWKS is cached for 5 minutes by default.

      Parameters

      • forceRefresh: boolean = false

        If true, bypasses the cache and fetches fresh set of JWKS from the server.

      Returns Promise<Jwks>

      The JSON Web Key Set containing the public keys for token verification.

      MonoCloudHttpError - Thrown if there is a network error during the request or unexpected status code during the request or a serialization error while processing the response.

    • Fetches the authorization server metadata from the .well-known endpoint. The metadata is cached for 5 minutes by default.

      Parameters

      • forceRefresh: boolean = false

        If true, bypasses the cache and fetches fresh metadata from the server.

      Returns Promise<IssuerMetadata>

      The issuer metadata for the tenant, retrieved from the OpenID Connect discovery endpoint.

      MonoCloudHttpError - Thrown if there is a network error during the request or unexpected status code during the request or a serialization error while processing the response.

    jwks?: Jwks

    Cached JSON Web Key Set retrieved from the issuer's JWKS endpoint.

    jwksCacheDuration: number = 300

    Duration (in seconds) for which the JWKS is cached. Defaults to 300 (5 minutes).

    jwksCacheExpiry: number = 0

    Timestamp (in seconds) when the cached JWKS expires.

    metadata?: IssuerMetadata

    Cached issuer metadata retrieved from the OpenID Connect discovery endpoint.

    metadataCacheDuration: number = 300

    Duration (in seconds) for which the metadata is cached. Defaults to 300 (5 minutes).

    metadataCacheExpiry: number = 0

    Timestamp (in seconds) when the cached metadata expires.

    tenantDomain: string

    The normalized tenant domain URL used as the base for discovery endpoints.

    Settings

    On This Page

    clockSkewclockToleranceconstructordecodeJwtfetchergetJwksgetMetadataintrospectAccessTokenjwksjwksCacheDurationjwksCacheExpirymetadatametadataCacheDurationmetadataCacheExpirysetClockSkewsetClockTolerancetenantDomainvalidateAccessTokenvalidateJwtAccessToken