Function: discovery()
March 6, 2026 ยท View on GitHub
Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.
โธ discovery(server, clientId, metadata?, clientAuthentication?, options?): Promise<Configuration>
Performs Authorization Server Metadata discovery and returns a Configuration with the discovered Authorization Server metadata.
Passing the Authorization Server's Issuer Identifier to this method is the RECOMMENDED method of client configuration.
This has the same effect as calling the Configuration constructor except that the server metadata is discovered from its own Authorization Server Metadata discovery document.
Note
This method also accepts a URL pointing directly to the Authorization
Server's discovery document, doing so is merely a shorthand for using
fetch and passing the discovered JSON metadata (as
ServerMetadata) into the Configuration constructor. Doing so is
NOT RECOMMENDED as it disables the ServerMetadata.issuer validation.
Parameters
| Parameter | Type | Description |
|---|---|---|
server | URL | URL representation of the Authorization Server's Issuer Identifier |
clientId | string | Client Identifier at the Authorization Server |
metadata? | string | Partial<ClientMetadata> | Client Metadata, when a string is passed it is a shorthand for passing just ClientMetadata.client_secret |
clientAuthentication? | ClientAuth | Implementation of the Client's Authentication Method at the Authorization Server. Default is ClientSecretPost using the ClientMetadata.client_secret. |
options? | DiscoveryRequestOptions | - |