(String) A value of login will force the login page to show regardless of current session. auth0.js, when used in single-page applications, handles the state generation and validation automatically if not specified. For more information, see State Parameter. It is useful to mitigate CSRF attacks and for any contextual information (for example, a return URL) that you might need after the authentication process is finished. (String) An arbitrary value that should be maintained across redirects. (String) The URL to which Auth0 will redirect the browser after authorization has been granted for the user. It defaults to 'token', unless a redirectUri is provided, then it defaults to 'code'. (String) It can be any space separated list of the values code, token, id_token. Include offline_access to get a Refresh Token. You can request any of the standard OIDC scopes about users, such as profile and email, custom claims that must conform to a namespaced format, or any scopes supported by the target API (for example, read:contacts). (String) The scopes which you want to request authorization for. (String) Specifies the connection to use rather than presenting all connections available to the application. The leeway parameter can be used to allow a few seconds of leeway to ID Token expiration times, to prevent that from occurring. (Boolean) Disables the deprecation warnings, defaults to false.īecause of clock skew issues, you may occasionally encounter the error The token was issued in the future. (Integer) A value in seconds leeway to allow for clock skew with regard to ID Token expiration times. Supported values are query, fragment and form_post. Can be set to 'form_post' in order to send the token or code to the 'redirectUri' via POST. (String) This option is omitted by default. If you do not provide a global responseType value, you will need to provide a responseType value for each method you use. It can be any space separated list of the values code, token, id_token. (String) The default audience to be used for requesting API access. You should read our documentation on scopes for further details. Using scopes can allow you to return specific claims for specific fields in your request. (String) The default scope(s) used by the application. If you do not provide a global redirectUri value here, you will need to provide a redirectUri value for each method you use.
0 Comments
Leave a Reply. |