{"id":22253061,"url":"https://github.com/plusauth/oidc-client-js","last_synced_at":"2025-10-27T22:12:50.046Z","repository":{"id":62239826,"uuid":"286035293","full_name":"PlusAuth/oidc-client-js","owner":"PlusAuth","description":"OpenID Connect (OIDC) and OAuth2 library for browser-based JavaScript applications.","archived":false,"fork":false,"pushed_at":"2025-04-10T10:22:08.000Z","size":3923,"stargazers_count":13,"open_issues_count":1,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-13T18:22:21.718Z","etag":null,"topics":["authentication","javascript","jwt","oauth2","oauth2-library","oidc","oidc-client","openid-connect","openid-connect-client","plusauth","typescript"],"latest_commit_sha":null,"homepage":"https://plusauth.github.io/oidc-client-js/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PlusAuth.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-08-08T12:03:13.000Z","updated_at":"2025-04-11T02:41:34.000Z","dependencies_parsed_at":"2024-03-20T16:50:58.045Z","dependency_job_id":"4a3872ee-ea85-4558-be3d-35f530e12fe0","html_url":"https://github.com/PlusAuth/oidc-client-js","commit_stats":{"total_commits":186,"total_committers":2,"mean_commits":93.0,"dds":"0.032258064516129004","last_synced_commit":"c6474f3375331c71a7530991f04a0ea1f90b973e"},"previous_names":[],"tags_count":35,"template":false,"template_full_name":null,"purl":"pkg:github/PlusAuth/oidc-client-js","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PlusAuth%2Foidc-client-js","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PlusAuth%2Foidc-client-js/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PlusAuth%2Foidc-client-js/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PlusAuth%2Foidc-client-js/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PlusAuth","download_url":"https://codeload.github.com/PlusAuth/oidc-client-js/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PlusAuth%2Foidc-client-js/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267468295,"owners_count":24092317,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-28T02:00:09.689Z","response_time":68,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","javascript","jwt","oauth2","oauth2-library","oidc","oidc-client","openid-connect","openid-connect-client","plusauth","typescript"],"created_at":"2024-12-03T07:16:03.752Z","updated_at":"2025-10-27T22:12:49.927Z","avatar_url":"https://github.com/PlusAuth.png","language":"TypeScript","readme":"## @plusauth/oidc-client-js\n\n\u003ca href=\"https://github.com/PlusAuth/oidc-client-js/actions?query=workflow%3Aci\"\u003e\n\u003cimg src=\"https://github.com/PlusAuth/oidc-client-js/workflows/ci/badge.svg\" alt=\"Build Status\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.com/package/@plusauth/oidc-client-js\"\u003e\n\u003cimg alt=\"npm\" src=\"https://img.shields.io/npm/v/@plusauth/oidc-client-js?label=latest%20\u0026logo=npm\u0026style=flat\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.com/package/@plusauth/oidc-client-js\"\u003e\n\u003cimg alt=\"npm bundle size (scoped)\" src=\"https://img.shields.io/bundlephobia/min/@plusauth/oidc-client-js@latest?label=minified%20size\u0026style=flat\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.com/package/@plusauth/oidc-client-js\"\u003e\n\u003cimg alt=\"npm bundle size (scoped)\" src=\"https://img.shields.io/bundlephobia/minzip/@plusauth/oidc-client-js@latest?color=darkgreen\u0026label=minzipped%20size\u0026style=flat\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://codecov.io/gh/PlusAuth/oidc-client-js\"\u003e\n\u003cimg alt=\"Codecov\" src=\"https://img.shields.io/codecov/c/gh/PlusAuth/oidc-client-js?logo=codecov\u0026style=flat\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://snyk.io/test/github/PlusAuth/oidc-client-js\"\u003e\n\u003cimg src=\"https://img.shields.io/snyk/vulnerabilities/github/PlusAuth/oidc-client-js?style=flat\" alt=\"Vulnerabilities\"\u003e\n\u003c/a\u003e\n\u003ca href=\"https://github.com/PlusAuth/oidc-client-js/blob/master/LICENSE\"\u003e\n\u003cimg alt=\"license\" src=\"https://img.shields.io/npm/l/@plusauth/oidc-client-js?style=flat\"\u003e\n\u003c/a\u003e\n\nOpenID Connect (OIDC) and OAuth2 library for browser based JavaScript applications.\n\n### Features\n- Silent Authentication\n- Automatic Access Token Renewal\n- [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)\n- [Session Management](https://openid.net/specs/openid-connect-session-1_0.html) (with logout functionality)\n- [PKCE](https://tools.ietf.org/html/rfc7636)\n- JWT payload validation\n- Can be used with any OAuth 2.0 / OpenID Connect provider\n- Cross tab/window login synchronization\n- Dispatches single request per tab/window to prevent inconsistency\n- Official TypeScript support\n\n### Table of Contents\n- [Installation](#installation)\n- [Documentation](#documentation)\n- [Access Token Refreshing](#automatically-renew-access-token)\n- [Use Refresh Token](#use-refresh-tokens-for-access-token-renewal)\n- [Login with Popup](#login-with-popup)\n- [Additional Methods](#additional-methods)\n- [Examples](/examples)\n\n## Installation\nFrom the CDN:\n\n```html\n\u003cscript src=\"https://unpkg.com/@plusauth/oidc-client-js@1.5.0/dist/oidc-client.min.js\"\u003e\u003c/script\u003e\n```\n\nUsing package managers:\n```bash\nnpm install @plusauth/oidc-client-js\nyarn add @plusauth/oidc-client-js\npnpm add @plusauth/oidc-client-js\n```\n\n## Documentation\n\n### Initialization\nCreate the `OIDCClient` instance before rendering or initializing your application.\n\n```js\nimport { OIDCClient } from '@plusauth/oidc-client-js';\n\nconst oidcClient = new OIDCClient({\n  issuer: 'YOUR_OIDC_PROVIDER',\n  client_id: 'YOUR_CLIENT_ID',\n  redirect_uri: 'YOUR_CALLBACK_PAGE_URI'\n});\n\noidcClient.initialize().then( function(){\n  // client initialized\n})\n```\n\nOr with create helper method:\n\n```js\nimport createOIDCClient from '@plusauth/oidc-client-js';\n\ncreateOIDCClient({\n  issuer: 'YOUR_OIDC_PROVIDER',\n  client_id: 'YOUR_CLIENT_ID',\n  redirect_uri: 'YOUR_CALLBACK_PAGE_URI'\n}).then(oidcClient =\u003e {\n  //...\n});\n```\n\nUsing `createOIDCClient` does a couple of things automatically:\n\n* It creates an instance of `OIDCClient`.\n* It calls `silentLogin` to refresh the user session.\n* It suppresses all errors from `silentLogin`.\n\n### Create callback page\nOpenID Connect / OAuth2 authorization flows require a redirect uri to return the authorization result back. Create a\npage and register its url to your client's allowed redirect uris. In your page initialize OIDCClient and all you\nneed to do is call `loginCallback` method.\n\n```js\noidcClient.loginCallback()\n.then( function(localState){\n  // successful login\n  console.log('User successfully logged in')\n})\n.catch( function(error) {\n  console.error('Authorization error:', error)\n })\n```\n\n### Login and get user info\n\nCreate a login button users can click.\n\n```html\n\u003cbutton id=\"login\"\u003eLogin\u003c/button\u003e\n```\n\nIn the click event handler of button you created, call login method for redirecting user to provider's login page\n. Make sure `redirect_uri` is registered on the provider, and you have created a callback handler as defined in [above\n](#create-callback-page).\n\n```js\ndocument.getElementById('login').addEventListener('click', function() {\n  oidcClient.login({\n    redirect_uri: 'http://localhost:8080/'\n  });\n});\n```\n\n\n### Make authenticated requests to your API\n\nAfter user is successfully logged in we can use access_token retrieved from authentication response to call the API.\n\n```html\n\u003cbutton id=\"makeRequest\"\u003eMake Request\u003c/button\u003e\n```\n\nOn the event handler you can get access token and use it like this:\n\n```js\ndocument.getElementById('makeRequest').addEventListener('click', function () {\n oidcClient.getAccessToken().then(accessToken =\u003e\n       fetch('https://any.exampleapi.com/api', {\n         method: 'GET',\n         headers: {\n           Authorization: 'Bearer ' + accessToken\n         }\n       })\n     )\n     .then(result =\u003e result.json())\n     .then(data =\u003e {\n       console.log(data);\n     });\n});\n```\n\n### Logout\n\nAdd a logout button.\n\n```html\n\u003cbutton id=\"logout\"\u003eLogout\u003c/button\u003e\n```\n\nIn event handler, call equivalent method.\n```js\ndocument.getElementById('logout').addEventListener('click', function(){\n  oidcClient.logout();\n});\n```\n\n## Automatically renew access token\nGenerally, access tokens have a short lifetime, so it is common to renew the access token before its expiration.\nThis feature is enabled by default, but you can disable it by passing `autoSilentRenew: false` to client options.\n\n```js\nnew OIDCClient({\n  autoSilentRenew: false,\n  ...// other options\n})\n```\n\n### Use different callback page for silent renew\nIn silent renew the library performs the flow in a hidden iframe. When you are developing a single page application,\nassuming your callback page is handled by the app itself, the iframe will load your whole application after the\noauth2 redirection.\n\nYou can prevent this overhead by creating a different page which will handle silent renew only. To accomplish this you\nshould pass `silent_redirect_uri` to client options which should have your silent redirect handler page uri. If you don't use\n`silent_redirect_uri`, `redirect_uri` will be used instead. Don't forget to include it to your providers redirect uri whitelist.\n\nHave a look at following snippets for an example:\n```js\n// auth.js\nimport { OIDCClient } from '@plusauth/oidc-client-js';\n\nconst oidcClient = new OIDCClient({\n  redirect_uri: 'https://YOUR_SITE/callback'\n  silent_redirect_uri: 'https://YOUR_SITE/silent-renew.html',\n  ...//other options\n});\n```\n\n\n\n```html\n\u003c!-- silent-renew.html --\u003e\n\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n  \u003cmeta charset=\"utf-8\"\u003e\n  \u003cscript src=\"https://unpkg.com/@plusauth/oidc-client-js/dist/plusauth-oidc-client.umd.js\"\u003e\u003c/script\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\u003cscript type=\"application/javascript\" \u003e\n    new PlusAuthOIDCClient.OIDCClient({\n      issuer: 'YOUR_OIDC_PROVIDER'\n    }).loginCallback()\n\u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\n## Use Refresh Tokens for access token renewal\nConfigure the library by passing the setting `useRefreshTokens` to `true` on initialization:\n\n```js\nconst oidcClient = new OIDCClient({\n  issuer: 'YOUR_OIDC_ISSUER',\n  client_id: 'YOUR_CLIENT-ID',\n  useRefreshTokens: true\n});\n```\n\n\n\u003cdiv class=\"custom-block alert info\"\u003e\n  \u003cdiv class=\"custom-block-body\"\u003e\n    \u003cp\u003e\n\nDon't forget to include `offline_access` in your scope for retrieving refresh tokens. If there is not any refresh\ntoken stored locally, the library will fallback to using silent authorization request.\n\u003c/p\u003e\n  \u003c/div\u003e\n\u003c/div\u003e\n\n## Login with popup\n\nCreate a button to trigger login.\n\n```html\n\u003cbutton id=\"loginWithPopup\"\u003eLogin\u003c/button\u003e\n```\n\nAttach event listener and call `loginWithPopup` method of your initialized oidc client.\n\n```js\ndocument.getElementById('loginWithPopup').click(async () =\u003e {\n  await oidcClient.loginWithPopup();\n});\n```\n\n\u003cdiv class=\"custom-block alert warning\"\u003e\n  \u003cdiv class=\"custom-block-body\"\u003e\n    \u003cp\u003e\nMost browsers block popups if they are not happened as a result of user actions. In order to display\nlogin popup you must call `loginWithPopup` in an event handler listening for a user action like button click.\n    \u003c/p\u003e\n  \u003c/div\u003e\n\u003c/div\u003e\n\n## Additional methods\nYou can access user, access token, refresh token, id token and scopes with followings. Using getter methods are always the\nsafe bet as they will read from store. Direct access of those variables may result unexpectedly if you modify them in your app.\nDirect variables are created by listening the `user_login` and `user_logout` events.\n\n### Get User\n\n```js\n  const user = await oidcClient.getUser();\n  // or\n  const user = oidcClient.user\n```\n\n### Get Access Token\n\n```js\n  const accessToken = await oidcClient.getAccessToken();\n  // or\n  const accessToken = oidcClient.accessToken\n```\n\n### Get ID Token\n\n```js\n  const idToken = await oidcClient.getIdToken();\n  // or\n  const idToken = oidcClient.idToken\n```\n\n### Get Refresh Token\n\n```js\n  const refreshToken = await oidcClient.getRefreshToken();\n  // or\n  const refreshToken = oidcClient.refreshToken\n```\n\n### Get Scopes\n\n```js\n  const scopes = await oidcClient.getScopes();\n  // or\n  const scopes = oidcClient.scopes\n```\n\n\n## Api Docs\nPlease visit [here](https://plusauth.github.io/oidc-client-js/classes/OIDCClient.html)\n\n## Examples\nHave a look at [examples directory](/examples) for various examples\n\n### Browser Support\n[Browserlist Coverage](https://browsersl.ist/#q=defaults)\n\nThis library uses global fetch api. If your app requires to be working in environment that does not have `fetch`\nyou must use a polyfill like [whatwg-fetch](https://github.com/github/fetch).\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplusauth%2Foidc-client-js","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fplusauth%2Foidc-client-js","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplusauth%2Foidc-client-js/lists"}