Function: authorizationCodeGrant()
August 29, 2025 ยท View on GitHub
Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.
โธ authorizationCodeGrant(config, currentUrl, checks?, tokenEndpointParameters?, options?): Promise<TokenEndpointResponse & TokenEndpointResponseHelpers>
This method validates the authorization response and then executes the Authorization Code Grant at the Authorization Server's token endpoint to obtain an access token. ID Token and Refresh Token are also optionally issued by the server.
Note
URL of the authorization server's token endpoint
must be configured.
Parameters
| Parameter | Type | Description |
|---|---|---|
config | Configuration | - |
currentUrl | URL | Request | Current URL the Authorization Server provided an Authorization Response to or a Request, the Authorization Code Grant parameters are extracted from this. |
checks? | AuthorizationCodeGrantChecks | CSRF Protection checks like PKCE, expected state, or expected nonce |
tokenEndpointParameters? | Record<string, string> | URLSearchParams | Additional parameters that will be sent to the token endpoint, typically used for parameters such as resource (Resource Indicator) in cases where multiple resource indicators were requested but the authorization server only supports issuing an access token with a single audience |
options? | AuthorizationCodeGrantOptions | - |
Returns
Promise<TokenEndpointResponse & TokenEndpointResponseHelpers>
Examples
let config!: client.Configuration
let getCodeVerifierFromSession!: (...args: any) => string
let getCurrentUrl!: (...args: any) => URL
let tokens = await client.authorizationCodeGrant(
config,
getCurrentUrl(),
{
pkceCodeVerifier: getCodeVerifierFromSession(),
},
)
Using an incoming Request instance
let config!: client.Configuration
let getCodeVerifierFromSession!: (...args: any) => string
let request!: Request
let tokens = await client.authorizationCodeGrant(config, request, {
pkceCodeVerifier: getCodeVerifierFromSession(),
})