Interface: OAuthVerifyOptions

Defined in: http-server-oauth/src/index.ts:140

Options for oauthVerify. Supply either cognitoUserPool (uses CognitoJwtVerifier from @ttoss/auth-core) or a custom verifyToken.

Properties

cognitoUserPool?

optional cognitoUserPool?: CognitoUserPoolConfig

Defined in: http-server-oauth/src/index.ts:142

Amazon Cognito user pool config; the middleware builds a verifier from it.

publicMethods?

optional publicMethods?: string[]

Defined in: http-server-oauth/src/index.ts:157

JSON-RPC methods (read from body.method) that bypass verification, so a client can reach them before authenticating. Defaults to none.

requiredScopes?

optional requiredScopes?: string[]

Defined in: http-server-oauth/src/index.ts:152

Scopes that must all be present on the token. Missing any → 403. Scopes are read from a space-separated scope claim.

resourceMetadataUrl?

optional resourceMetadataUrl?: string

Defined in: http-server-oauth/src/index.ts:162

When set, a 401 responds with WWW-Authenticate: Bearer resource_metadata="<url>" (RFC 9728) instead of a bare Bearer.

verifyToken?

optional verifyToken?: (token) => Promise<unknown>

Defined in: http-server-oauth/src/index.ts:147

Custom token verifier for non-Cognito providers (Auth0, Keycloak, your own JWTs, opaque tokens). Resolve with the verified payload, or throw to reject.

Parameters

Parameter	Type
`token`	`string`

Returns

Promise<unknown>

Properties​

cognitoUserPool?​

publicMethods?​

requiredScopes?​

resourceMetadataUrl?​

verifyToken?​

Parameters​

Returns​