This class is an interface, it shouldn't be created directly.


application : Application

The application that this object is associated with.

endpoint : string

The Vulos Identity server endpoint URL.


constructor(application, endpoint?)

This should only get called by classes that inherit the BaseAuth class.

  • application should be an instance of the Application object.

  • endpoint should be a string or a false value (like null or undefined) that represents the Vulos Identity endpoint.

// the constructor is called inside of the createAuth method of `Application`
import { BackendAuth } from "@vulos/identity-node-sdk"
const auth = applicaion.createAuth(BackendAuth)

See Application for more information.

async connect()

Connect the authentication object to the Vulos Identity servers.

This should get called before any other functions.

await auth.connect()


Create a verifier that other functions would take as an argument (as authVerifier).

A verifier is an object that contains some value that will be used to verify if the server's response is valid.

It's recommended create one verifier per authentication request.

const verifier = auth.createVerifier()

async createAuthUrl(authVerifier)

Create an authentication/consent URL for a user.

const url = await auth.createAuthUrl(verifier)
// redirect the user to the URL

async processCallback(authVerifier, params)

Process the callback URL query parameters (or fragment parameters if using the implicit flow) to get a User object.

// req is an object that is supposed to be a HTTP request in this example
const user = await auth.processCallback(verifier, req.query)

async getUserInfo(accessToken)

Get an UserInfo object using an access token provided by OpenID.

const userInfo = await auth.getUserInfo()

This probably shouldn't get called directly, use instead.

async refreshTokens(refreshToken)

Get a new OpenID token set using a refresh token.

const { access_token, refresh_token, id_token, token_type, expires_at} 
    = await auth.refreshTokens(refreshToken)

This probably shouldn't get called directly, it's called automatically when needed.

Last updated