Features

Feature Configurations

Specifies the authorization server feature capabilities that shall be enabled or disabled. This configuration controls the availability of optional OAuth 2.0 and OpenID Connect extensions, experimental specifications, and proprietary enhancements.

Certain features may be designated as experimental implementations. When experimental features are enabled, the authorization server will emit warnings to indicate that breaking changes may occur in future releases. These changes will be published as minor version updates of the oidc-provider module.

To suppress experimental feature warnings and ensure configuration validation against breaking changes, implementations shall acknowledge the specific experimental feature version using the acknowledgment mechanism demonstrated in the example below. When an unacknowledged breaking change is detected, the authorization server configuration will throw an error during instantiation.

Example: Acknowledging an experimental feature.

import * as oidc from 'oidc-provider'

new oidc.Provider('http://localhost:3000', {
  features: {
    webMessageResponseMode: {
      enabled: true,
    },
  },
});

// The above code produces this NOTICE
// NOTICE: The following experimental features are enabled and their implemented version not acknowledged
// NOTICE: - OAuth 2.0 Web Message Response Mode - draft 01 (Acknowledging this feature's implemented version can be done with the value 'individual-draft-01')
// NOTICE: Breaking changes between experimental feature updates may occur and these will be published as MINOR semver oidc-provider updates.
// NOTICE: You may disable this notice and be warned when breaking updates occur by acknowledging the current experiment's version. See the documentation for more details.

new oidc.Provider('http://localhost:3000', {
  features: {
    webMessageResponseMode: {
      enabled: true,
      ack: 'individual-draft-01',
    },
  },
});

// No more NOTICE. At this point, if the experimental feature is updated and the update
// contains no breaking changes, you're good to go: still no NOTICE, your code is safe to run.

// Now let's assume you upgrade the oidc-provider version and it includes a breaking change in
// this experimental feature

new oidc.Provider('http://localhost:3000', {
  features: {
    webMessageResponseMode: {
      enabled: true,
      ack: 'individual-draft-01',
    },
  },
});

// Thrown:
// Error: An unacknowledged version of an experimental feature is included in this oidc-provider version.