Function: DPoP()
August 29, 2025 ยท View on GitHub
Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.
โธ DPoP(client, keyPair, options?): DPoPHandle
Returns a wrapper / handle around a CryptoKeyPair that is used for negotiating and proving proof-of-possession to sender-constrain OAuth 2.0 tokens via DPoP at the Authorization Server and Resource Server.
This wrapper / handle also keeps track of server-issued nonces, allowing requests to be retried with a fresh nonce when the server indicates the need to use one. isDPoPNonceError can be used to determine if a rejected error indicates the need to retry the request due to an expired/missing nonce.
Parameters
| Parameter | Type | Description |
|---|---|---|
client | Pick<Client, typeof clockSkew> | - |
keyPair | CryptoKeyPair | Public/private key pair to sign the DPoP Proof JWT with |
options? | ModifyAssertionOptions | - |
Returns
Example
let client!: oauth.Client
let keyPair!: oauth.CryptoKeyPair
let DPoP = oauth.DPoP(client, keyPair)
See
RFC 9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)