OAuth2Adapter

new OAuth2Adapter(options)

Parse Server Configuration

To configure Parse Server for OAuth2 Token Introspection, use the following structure:

{
  "auth": {
    "oauth2Provider": {
      "tokenIntrospectionEndpointUrl": "https://provider.com/introspect",
      "useridField": "sub",
      "appidField": "aud",
      "appIds": ["my-app-id"],
      "authorizationHeader": "Basic dXNlcm5hbWU6cGFzc3dvcmQ=",
      "oauth2": true
    }
  }
}

The adapter requires the following authData fields:

  • id: The user ID provided by the client.
  • access_token: The access token provided by the client.

Auth Payload

Example Auth Payload

{
  "oauth2": {
    "id": "user-id",
    "access_token": "access-token"
  }
}

Notes

  • tokenIntrospectionEndpointUrl is mandatory and should point to a valid OAuth2 provider's introspection endpoint.
  • If appidField is defined, appIds must also be specified to validate the app ID in the introspection response.
  • authorizationHeader can be used to authenticate requests to the token introspection endpoint.
Parameters:
NameTypeDescription
optionsObject

The adapter configuration options.

Properties
NameTypeAttributesDescription
tokenIntrospectionEndpointUrlstring

The URL of the token introspection endpoint. Required.

oauth2boolean

Indicates that the request should be handled by the OAuth2 adapter. Required.

useridFieldstring<optional>

The field in the introspection response that contains the user ID. Optional.

appidFieldstring<optional>

The field in the introspection response that contains the app ID. Optional.

appIdsArray.<string><optional>

List of allowed app IDs. Required if appidField is defined.

authorizationHeaderstring<optional>

The Authorization header value for the introspection request. Optional.

See