ValidatedAuthMetadata
Defined in: src/oauth/discover.ts:31
Metadata from OAuth 2.0 client authentication API as per https://spec.matrix.org/v1.18/client-server-api/#get_matrixclientv1auth_metadata With validated properties required in type
Properties
Section titled “Properties”account_management_actions_supported?
Section titled “account_management_actions_supported?”
optionalaccount_management_actions_supported?:string[]
Defined in: src/oauth/discover.ts:33
List of actions that the account management URL supports.
account_management_uri?
Section titled “account_management_uri?”
optionalaccount_management_uri?:string
Defined in: src/oauth/discover.ts:35
The URL where the user is able to access the account management capabilities of the hub.
authorization_endpoint
Section titled “authorization_endpoint”authorization_endpoint:
string
Defined in: src/oauth/discover.ts:37
URL of the authorization endpoint, necessary to use the authorization code grant.
code_challenge_methods_supported
Section titled “code_challenge_methods_supported”code_challenge_methods_supported:
string[]
Defined in: src/oauth/discover.ts:43
List of OAuth 2.0 Proof Key for Code Exchange (PKCE) code challenge methods that the server supports at the authorization endpoint.
This array MUST contain at least the S256 value, for improved security in the authorization code grant.
device_authorization_endpoint?
Section titled “device_authorization_endpoint?”
optionaldevice_authorization_endpoint?:string
Defined in: src/oauth/discover.ts:45
URL of the device authorization endpoint, as defined in RFC 8628, necessary to use the device authorization grant.
grant_types_supported
Section titled “grant_types_supported”grant_types_supported:
string[]
Defined in: src/oauth/discover.ts:52
List of OAuth 2.0 grant type strings that the server supports at the token endpoint.
This array MUST contain at least the authorization_code and refresh_token values, for clients to be able to use the authorization code grant and refresh token grant, respectively.
issuer
Section titled “issuer”issuer:
string
Defined in: src/oauth/discover.ts:54
The authorization server’s issuer identifier, which is a URL that uses the https scheme and has no query or fragment components.
prompt_values_supported?
Section titled “prompt_values_supported?”
optionalprompt_values_supported?:string[]
Defined in: src/oauth/discover.ts:56
List of OpenID Connect prompt values that the server supports at the authorization endpoint.
registration_endpoint
Section titled “registration_endpoint”registration_endpoint:
string
Defined in: src/oauth/discover.ts:58
URL of the client registration endpoint, necessary to perform dynamic registration of a client.
response_modes_supported
Section titled “response_modes_supported”response_modes_supported:
string[]
Defined in: src/oauth/discover.ts:64
List of OAuth 2.0 response mode strings that the server supports at the authorization endpoint.
This array MUST contain at least the query and fragment values, for improved security in the authorization code grant.
response_types_supported
Section titled “response_types_supported”response_types_supported:
string[]
Defined in: src/oauth/discover.ts:70
List of OAuth 2.0 response type strings that the server supports at the authorization endpoint.
This array MUST contain at least the code value, for clients to be able to use the authorization code grant.
revocation_endpoint
Section titled “revocation_endpoint”revocation_endpoint:
string
Defined in: src/oauth/discover.ts:72
URL of the revocation endpoint, necessary to log out a client by invalidating its access and refresh tokens.
token_endpoint
Section titled “token_endpoint”token_endpoint:
string
Defined in: src/oauth/discover.ts:74
URL of the token endpoint, used by the grants.