Skip to content
oidc-provider
Search limited to v8.x. Switch to the latest version for up-to-date results.

Custom Grant Types

This content is for v8.x. Switch to the latest version for up-to-date documentation.

oidc-provider comes with the basic grants implemented, but you can register your own grant types, for example to implement an OAuth 2.0 Token Exchange. You can check the standard grant factories here.

const parameters = [
  'audience',
  'resource',
  'scope',
  'requested_token_type',
  'subject_token',
  'subject_token_type',
  'actor_token',
  'actor_token_type',
]
const allowedDuplicateParameters = ['audience', 'resource']
const grantType = 'urn:ietf:params:oauth:grant-type:token-exchange'


async function tokenExchangeHandler(ctx, next) {
  // ctx.oidc.params holds the parsed parameters
  // ctx.oidc.client has the authenticated client
  // your grant implementation
  // see /lib/actions/grants for references on how to instantiate and issue tokens
}


provider.registerGrantType(
  grantType,
  tokenExchangeHandler,
  parameters,
  allowedDuplicateParameters,
)