Interface: DiscoveryRequestOptions

March 19, 2026 Ā· View on GitHub

šŸ’— Help the project

Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.

Properties

[customFetch]?

ā€¢ optional [customFetch]?: CustomFetch

Custom Fetch API implementation to use for the HTTP Requests the client will be making. If this option is used, then the customFetch value will be assigned to the resolved Configuration instance for use with all its future individual HTTP requests.

See

customFetch

algorithm?

ā€¢ optional algorithm?: "oidc" | "oauth2"

The issuer transformation algorithm to use. Default is oidc.

Example

Given the Issuer Identifier is https://example.com
  oidc  => https://example.com/.well-known/openid-configuration
  oauth => https://example.com/.well-known/oauth-authorization-server

Given the Issuer Identifier is https://example.com/pathname
  oidc  => https://example.com/pathname/.well-known/openid-configuration
  oauth => https://example.com/.well-known/oauth-authorization-server/pathname

See

execute?

ā€¢ optional execute?: (config) => void[]

Methods (available list linked below) to execute with the Configuration instance as argument after it is instantiated

Note


Presence of allowInsecureRequests in this option also enables the use of insecure HTTP requests for the Authorization Server Metadata discovery request itself.

Parameters

ParameterType
configConfiguration

Returns

void

Example

Disable the HTTPS-only restriction for the discovery call and subsequently for all requests made with the resulting Configuration instance.

let server!: URL
let clientId!: string
let clientMetadata!:
  | Partial<client.ClientMetadata>
  | undefined
  | string
let clientAuth!: client.ClientAuth | undefined

let config = await client.discovery(
  server,
  clientId,
  clientMetadata,
  clientAuth,
  {
    execute: [client.allowInsecureRequests],
  },
)

See

timeout?

ā€¢ optional timeout?: number

Timeout (in seconds) for the Authorization Server Metadata discovery. If this option is used, then the same timeout value will be assigned to the resolved Configuration instance for use with all its future individual HTTP requests. Default is 30 (seconds)