features.registrationManagement

This content is for v8.x. Switch to the latest version for up-to-date documentation.

OAuth 2.0 Dynamic Client Registration Management Protocol

Enables Update and Delete features described in the RFC

default value:

{
  enabled: false,
  rotateRegistrationAccessToken: true
}

(Click to expand) features.registrationManagement options details

rotateRegistrationAccessToken

Enables registration access token rotation. The authorization server will discard the current Registration Access Token with a successful update and issue a new one, returning it to the client with the Registration Update Response. Supported values are

false registration access tokens are not rotated
true registration access tokens are rotated when used
function returning true/false, true when rotation should occur, false when it shouldn’t

default value:

true

(Click to expand) function use

{
  features: {
    registrationManagement: {
      enabled: true,
      async rotateRegistrationAccessToken(ctx) {
        // return tokenRecentlyRotated(ctx.oidc.entities.RegistrationAccessToken);
        // or
        // return customClientBasedPolicy(ctx.oidc.entities.Client);
      }
    }
  }
}