{"id":14155524,"url":"https://github.com/AxaFrance/oidc-client","last_synced_at":"2025-08-06T01:31:53.122Z","repository":{"id":33048759,"uuid":"149462204","full_name":"AxaFrance/oidc-client","owner":"AxaFrance","description":"Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).","archived":false,"fork":false,"pushed_at":"2024-11-27T16:41:06.000Z","size":18811,"stargazers_count":599,"open_issues_count":126,"forks_count":161,"subscribers_count":23,"default_branch":"main","last_synced_at":"2024-11-28T13:52:51.222Z","etag":null,"topics":["axa","context-api","front-end-development","javascript","js","library","nextjs","oauth2","oidc-client","ope","openid","openid-client","openid-connect","react","reactjs","redux","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AxaFrance.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-19T14:18:21.000Z","updated_at":"2024-11-28T10:16:19.000Z","dependencies_parsed_at":"2023-01-16T22:45:24.340Z","dependency_job_id":"2cbb6a91-57ec-4cd6-8206-118ba4ce7150","html_url":"https://github.com/AxaFrance/oidc-client","commit_stats":{"total_commits":1160,"total_committers":72,"mean_commits":16.11111111111111,"dds":0.6844827586206896,"last_synced_commit":"301acfe7c91068c0c985272206fb808d11515827"},"previous_names":["AxaGuilDEv/react-oidc","axaguildev/react-oidc","axafrance/oidc-client"],"tags_count":480,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxaFrance%2Foidc-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxaFrance%2Foidc-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxaFrance%2Foidc-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AxaFrance%2Foidc-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AxaFrance","download_url":"https://codeload.github.com/AxaFrance/oidc-client/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228821405,"owners_count":17977166,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["axa","context-api","front-end-development","javascript","js","library","nextjs","oauth2","oidc-client","ope","openid","openid-client","openid-connect","react","reactjs","redux","security"],"created_at":"2024-08-17T08:03:46.394Z","updated_at":"2024-12-09T02:31:26.223Z","avatar_url":"https://github.com/AxaFrance.png","language":"TypeScript","funding_links":[],"categories":["TypeScript","security"],"sub_categories":[],"readme":"# @axa-fr/oidc-client\n\n[![Continuous Integration](https://github.com/AxaFrance/react-oidc/actions/workflows/npm-publish.yml/badge.svg)](https://github.com/AxaFrance/react-oidc/actions/workflows/npm-publish.yml)\n[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=AxaGuilDEv_react-oidc\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=AxaGuilDEv_react-oidc) [![Reliability](https://sonarcloud.io/api/project_badges/measure?project=AxaGuilDEv_react-oidc\u0026metric=reliability_rating)](https://sonarcloud.io/component_measures?id=AxaGuilDEv_react-oidc\u0026metric=reliability_rating) [![Security](https://sonarcloud.io/api/project_badges/measure?project=AxaGuilDEv_react-oidc\u0026metric=security_rating)](https://sonarcloud.io/component_measures?id=AxaGuilDEv_react-oidc\u0026metric=security_rating) [![Code Coverage](https://sonarcloud.io/api/project_badges/measure?project=AxaGuilDEv_react-oidc\u0026metric=coverage)](https://sonarcloud.io/component_measures?id=AxaGuilDEv_react-oidc\u0026metric=Coverage) [![Twitter](https://img.shields.io/twitter/follow/GuildDEvOpen?style=social)](https://twitter.com/intent/follow?screen_name=GuildDEvOpen)\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://raw.githubusercontent.com/AxaFrance/oidc-client/main/docs/img/introduction.gif\"\n     alt=\"Sample React Oicd\"\n      /\u003e\n\u003c/p\u003e\n\n- [About](#about)\n- [Getting Started](#getting-started)\n- [Run The Demos](#run-the-demos)\n- [How It Works](#how-it-works)\n- Packages\n  - [`@axa-fr/oidc-client`](./packages/oidc-client#readme.md) [![npm version](https://badge.fury.io/js/%40axa-fr%2Foidc-client.svg)](https://badge.fury.io/js/%40axa-fr%2Foidc-client)\n  - [`@axa-fr/react-oidc`](./packages/react-oidc#readme.md) [![npm version](https://badge.fury.io/js/%40axa-fr%2Freact-oidc.svg)](https://badge.fury.io/js/%40axa-fr%2Freact-oidc)\n  - `@axa-fr/svelte-oidc` : we are looking for contributor\n  - `@axa-fr/vue-oidc` : we are looking for contributor\n  - `@axa-fr/angular-oidc` : we are looking for contributor\n- [FAQ](#FAQ)\n- [Migrations](#migrations)\n- [Contribute](#contribute)\n\n## About\n\n**@axa-fr/oidc-client** the lightest and securest library to manage authentication with OpenID Connect (OIDC) and OAuth2 protocol. It is compatible with all OIDC providers.\n**@axa-fr/oidc-client** is a pure javascript library. It works with any JavaScript framework or library.\n**@axa-fr/react-oidc** is for **React** (compatible next.js, etc.), we expect soon to provide one for **Vue**, **Angular** and **Svelte**.\n\nDemos:\n\n- Try the react demo at https://black-rock-0dc6b0d03.1.azurestaticapps.net/ (most advanced)\n- Try the pure javascript demo at https://icy-glacier-004ab4303.2.azurestaticapps.net/\n\n**@axa-fr/oidc-client** is:\n\n- **Secure** :\n  - With Demonstrating Proof of Possession (DPoP), your access_token and refresh_token are not usable outside your browser context (big protection)\n  - With the use of Service Worker, your tokens (refresh_token and/or access_token) are not accessible to the JavaScript client code (if you follow good practices from [`FAQ`](https://github.com/AxaFrance/oidc-client/blob/main/FAQ.md) section)\n  - OIDC using client side Code Credential Grant with pkce only\n- **Lightweight** : Unpacked Size on npm is **274 kB**, Minified `61.1kB`, Minified+GZIPPED `16.8kB` [Pkg stats via Bundlephobia.com](https://bundlephobia.com/package/@axa-fr/react-oidc)\n- **Simple**\n  - refresh_token and access_token are auto refreshed in background\n  - with the use of the Service Worker, you do not need to inject the access_token in every fetch, you have only to configure OidcTrustedDomains.js file\n- **Multiple Authentication** :\n  - You can authenticate many times to the same provider with different scope (for example you can acquire a new 'payment' scope for a payment)\n  - You can authenticate to multiple different providers inside the same SPA (single page application) website\n- **Flexible** :\n  - Work with Service Worker (more secure) and without for older browser (less secure).\n  - You can disable Service Worker if you want (but less secure) and just use SessionStorage or LocalStorage mode.\n\nWorks perfectly well with:\n\n- [Auth0](https://auth0.com/)\n- [Duende Identity Server](https://duendesoftware.com/)\n- [Identity Server 4](https://github.com/IdentityServer/IdentityServer4)\n- Azure AD\n- Google\n- AWS\n- [Keycloak](https://www.keycloak.org/)\n- etc., all OIDC providers\n\n## Getting Started\n\n### Getting Started with @axa-fr/oidc-client\n\n```sh\nnpm install @axa-fr/oidc-client --save\n\n# To install or update OidcServiceWorker.js file, you can run\nnode ./node_modules/@axa-fr/oidc-client/bin/copy-service-worker-files.mjs public\n\n# If you have a \"public\" folder, the 2 files will be created :\n# ./public/OidcServiceWorker.js \u003c-- will be updated at each \"npm install\"\n# ./public/OidcTrustedDomains.js \u003c-- won't be updated if already exist\n```\n\n\u003e [!WARNING]\n\u003e If you use `Service Worker` mode, the `OidcServiceWorker.js` file should always be up to date with the version of the library. You may setup a postinstall script in your `package.json` file to update it at each npm install. For example :\n\n```json\n  \"scripts\": {\n    ...\n    \"postinstall\": \"node ./node_modules/@axa-fr/oidc-client/bin/copy-service-worker-files.mjs public\"\n  },\n```\n\nMore documentation :\n\n- [`@axa-fr/oidc-client`](./packages/oidc-client#readme)\n\n### Getting Started with @axa-fr/react-oidc\n\n```sh\nnpm install @axa-fr/react-oidc --save\n\n# To install or update OidcServiceWorker.js file, you can run\nnode ./node_modules/@axa-fr/react-oidc/bin/copy-service-worker-files.mjs public\n\n# If you have a \"public\" folder, the 2 files will be created :\n# ./public/OidcServiceWorker.js \u003c-- will be updated at each \"npm install\"\n# ./public/OidcTrustedDomains.js \u003c-- won't be updated if already exist\n```\n\n\u003e [!WARNING]\n\u003e If you use Service Worker mode, the OidcServiceWorker.js file should always be up-to-date with the version of the library. You may setup a postinstall script in your package.json file to update it at each npm install. For example :\n\n```json\n  \"scripts\": {\n    ...\n    \"postinstall\": \"node ./node_modules/@axa-fr/react-oidc/bin/copy-service-worker-files.mjs public\"\n  },\n```\n\nMore documentation:\n\n- [`@axa-fr/react-oidc`](./packages/react-oidc#readme)\n\n## Run The Demos\n\n```sh\ngit clone https://github.com/AxaFrance/oidc-client.git\n\ncd oidc-client\npnpm install\n\n# oidc client demo\ncd examples/oidc-client-demo\npnpm install\npnpm start\n# then navigate to http://localhost:5174\n\n# react vite demo\ncd examples/react-oidc-demo\npnpm install\npnpm start\n# then navigate to http://localhost:4200\n\n# react NextJS demo\ncd examples/nextjs-demo\npnpm install\npnpm run dev\n# then navigate to http://localhost:3001\n```\n\n## How It Works\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://raw.githubusercontent.com/AxaFrance/oidc-client/main/docs/img/schema_pcke_client_side_with_service_worker.png\"\n     alt=\"Schema Authorization Code Grant with pcke flow on the using service worker\"\n      /\u003e\n  \u003cbr\u003e\n  The service worker catch \u003cb\u003eaccess_token\u003c/b\u003e and \u003cb\u003erefresh_token\u003c/b\u003e that will never be accessible to the client.\n\u003c/p\u003e\n\nThese components encapsulate the use of \"`@axa-fr/oidc-client`\" in order to hide workflow complexity.\nInternally for \"`@axa-fr/react-oidc`\", native History API is used to be router library agnostic.\n\nMore information about OIDC :\n\n- [French : Augmentez la sécurité et la simplicité de votre Système d’Information OpenID Connect](https://medium.com/just-tech-it-now/augmentez-la-s%C3%A9curit%C3%A9-et-la-simplicit%C3%A9-de-votre-syst%C3%A8me-dinformation-avec-oauth-2-0-cf0732d71284)\n- [English : Increase the security and simplicity of your information system with OpenID Connect](https://medium.com/just-tech-it-now/increase-the-security-and-simplicity-of-your-information-system-with-openid-connect-fa8c26b99d6d)\n- [English: youtube react-oidc introduction](https://www.youtube.com/watch?v=frIJfavZkUE\u0026list=PL8EMdIH6Mzxy2kHtsVOEWqNz-OaM_D_fB\u0026index=1)\n- [French: youtube react-oidc introduction](https://www.youtube.com/watch?v=H-mLMGzQ_y0\u0026list=PL8EMdIH6Mzxy2kHtsVOEWqNz-OaM_D_fB\u0026index=2)\n\n## FAQ\n\n- Frequented Asked Question [`FAQ`](./FAQ.md)\n\n## Migrations\n\n- Migrating from v3 to v4 [`guide`](./MIGRATION_GUIDE_V3_TO_V4.md)\n- Migrating from v3 to v5 [`guide`](./MIGRATION_GUIDE_V3_TO_V5.md)\n- Migrating from v4 to v5 [`guide`](./MIGRATION_GUIDE_V4_TO_V5.md)\n- Migrating from v5 to v6 [`guide`](./MIGRATION_GUIDE_V5_TO_V6.md)\n- Migrating from v6 to v7 [`guide`](./MIGRATION_GUIDE_V6_TO_V7.md)\n\n## Contribute\n\n- [How to run the solution and to contribute](./CONTRIBUTING.md)\n- [Please respect our code of conduct](./CODE_OF_CONDUCT.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAxaFrance%2Foidc-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAxaFrance%2Foidc-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAxaFrance%2Foidc-client/lists"}