# oauth4webapi API Reference

[💗 Help the project](https://github.com/sponsors/panva)

Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by [becoming a sponsor](https://github.com/sponsors/panva).

## Accessing Protected Resources

- [processUserInfoResponse](functions/processUserInfoResponse.md)
- [protectedResourceRequest](functions/protectedResourceRequest.md)
- [userInfoRequest](functions/userInfoRequest.md)

## Authorization Code Grant

- [authorizationCodeGrantRequest](functions/authorizationCodeGrantRequest.md)
- [calculatePKCECodeChallenge](functions/calculatePKCECodeChallenge.md)
- [generateRandomCodeVerifier](functions/generateRandomCodeVerifier.md)
- [issueRequestObject](functions/issueRequestObject.md)
- [processAuthorizationCodeResponse](functions/processAuthorizationCodeResponse.md)
- [validateAuthResponse](functions/validateAuthResponse.md)
- [validateJwtAuthResponse](functions/validateJwtAuthResponse.md)

## Authorization Code Grant w/ OpenID Connect (OIDC)

- [authorizationCodeGrantRequest](functions/authorizationCodeGrantRequest.md)
- [calculatePKCECodeChallenge](functions/calculatePKCECodeChallenge.md)
- [generateRandomCodeVerifier](functions/generateRandomCodeVerifier.md)
- [getValidatedIdTokenClaims](functions/getValidatedIdTokenClaims.md)
- [issueRequestObject](functions/issueRequestObject.md)
- [processAuthorizationCodeResponse](functions/processAuthorizationCodeResponse.md)
- [processUserInfoResponse](functions/processUserInfoResponse.md)
- [userInfoRequest](functions/userInfoRequest.md)
- [validateApplicationLevelSignature](functions/validateApplicationLevelSignature.md)
- [validateAuthResponse](functions/validateAuthResponse.md)
- [validateCodeIdTokenResponse](functions/validateCodeIdTokenResponse.md)
- [validateJwtAuthResponse](functions/validateJwtAuthResponse.md)

## Authorization Server Metadata

- [AuthorizationServer](interfaces/AuthorizationServer.md)
- [discoveryRequest](functions/discoveryRequest.md)
- [processDiscoveryResponse](functions/processDiscoveryResponse.md)

## Client Authentication

- [ClientSecretBasic](functions/ClientSecretBasic.md)
- [ClientSecretJwt](functions/ClientSecretJwt.md)
- [ClientSecretPost](functions/ClientSecretPost.md)
- [None](functions/None.md)
- [PrivateKeyJwt](functions/PrivateKeyJwt.md)
- [TlsClientAuth](functions/TlsClientAuth.md)

## Client Credentials Grant

- [clientCredentialsGrantRequest](functions/clientCredentialsGrantRequest.md)
- [processClientCredentialsResponse](functions/processClientCredentialsResponse.md)

## Client-Initiated Backchannel Authentication (CIBA)

- [backchannelAuthenticationGrantRequest](functions/backchannelAuthenticationGrantRequest.md)
- [backchannelAuthenticationRequest](functions/backchannelAuthenticationRequest.md)
- [getValidatedIdTokenClaims](functions/getValidatedIdTokenClaims.md)
- [processBackchannelAuthenticationGrantResponse](functions/processBackchannelAuthenticationGrantResponse.md)
- [processBackchannelAuthenticationResponse](functions/processBackchannelAuthenticationResponse.md)

## DPoP

- [DPoP](functions/DPoP.md)
- [isDPoPNonceError](functions/isDPoPNonceError.md)

## Device Authorization Grant

- [deviceAuthorizationRequest](functions/deviceAuthorizationRequest.md)
- [deviceCodeGrantRequest](functions/deviceCodeGrantRequest.md)
- [getValidatedIdTokenClaims](functions/getValidatedIdTokenClaims.md)
- [processDeviceAuthorizationResponse](functions/processDeviceAuthorizationResponse.md)
- [processDeviceCodeResponse](functions/processDeviceCodeResponse.md)

## Dynamic Client Registration (DCR)

- [dynamicClientRegistrationRequest](functions/dynamicClientRegistrationRequest.md)
- [processDynamicClientRegistrationResponse](functions/processDynamicClientRegistrationResponse.md)

## Error Codes

- [AUTHORIZATION\_RESPONSE\_ERROR](variables/AUTHORIZATION_RESPONSE_ERROR.md)
- [HTTP\_REQUEST\_FORBIDDEN](variables/HTTP_REQUEST_FORBIDDEN.md)
- [INVALID\_REQUEST](variables/INVALID_REQUEST.md)
- [INVALID\_RESPONSE](variables/INVALID_RESPONSE.md)
- [INVALID\_SERVER\_METADATA](variables/INVALID_SERVER_METADATA.md)
- [JSON\_ATTRIBUTE\_COMPARISON](variables/JSON_ATTRIBUTE_COMPARISON.md)
- [JWT\_CLAIM\_COMPARISON](variables/JWT_CLAIM_COMPARISON.md)
- [JWT\_TIMESTAMP\_CHECK](variables/JWT_TIMESTAMP_CHECK.md)
- [JWT\_USERINFO\_EXPECTED](variables/JWT_USERINFO_EXPECTED.md)
- [KEY\_SELECTION](variables/KEY_SELECTION.md)
- [MISSING\_SERVER\_METADATA](variables/MISSING_SERVER_METADATA.md)
- [PARSE\_ERROR](variables/PARSE_ERROR.md)
- [REQUEST\_PROTOCOL\_FORBIDDEN](variables/REQUEST_PROTOCOL_FORBIDDEN.md)
- [RESPONSE\_BODY\_ERROR](variables/RESPONSE_BODY_ERROR.md)
- [RESPONSE\_IS\_NOT\_CONFORM](variables/RESPONSE_IS_NOT_CONFORM.md)
- [RESPONSE\_IS\_NOT\_JSON](variables/RESPONSE_IS_NOT_JSON.md)
- [UNSUPPORTED\_OPERATION](variables/UNSUPPORTED_OPERATION.md)
- [WWW\_AUTHENTICATE\_CHALLENGE](variables/WWW_AUTHENTICATE_CHALLENGE.md)

## Errors

- [AuthorizationResponseError](classes/AuthorizationResponseError.md)
- [OperationProcessingError](classes/OperationProcessingError.md)
- [ResponseBodyError](classes/ResponseBodyError.md)
- [UnsupportedOperationError](classes/UnsupportedOperationError.md)
- [WWWAuthenticateChallengeError](classes/WWWAuthenticateChallengeError.md)

## FAPI 1.0 Advanced

- [validateApplicationLevelSignature](functions/validateApplicationLevelSignature.md)
- [validateDetachedSignatureResponse](functions/validateDetachedSignatureResponse.md)
- [validateJwtAuthResponse](functions/validateJwtAuthResponse.md)

## FAPI 2.0 Message Signing

- [validateApplicationLevelSignature](functions/validateApplicationLevelSignature.md)
- [validateJwtAuthResponse](functions/validateJwtAuthResponse.md)

## JWT Access Tokens

- [validateJwtAccessToken](functions/validateJwtAccessToken.md)

## JWT Bearer Token Grant Type

- [genericTokenEndpointRequest](functions/genericTokenEndpointRequest.md)
- [processGenericTokenEndpointResponse](functions/processGenericTokenEndpointResponse.md)

## JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)

- [validateJwtAuthResponse](functions/validateJwtAuthResponse.md)

## JWT-Secured Authorization Request (JAR)

- [issueRequestObject](functions/issueRequestObject.md)

## OpenID Connect (OIDC) Discovery

- [discoveryRequest](functions/discoveryRequest.md)
- [processDiscoveryResponse](functions/processDiscoveryResponse.md)

## OpenID Connect (OIDC) UserInfo

- [processUserInfoResponse](functions/processUserInfoResponse.md)
- [userInfoRequest](functions/userInfoRequest.md)
- [validateApplicationLevelSignature](functions/validateApplicationLevelSignature.md)

## Proof Key for Code Exchange (PKCE)

- [calculatePKCECodeChallenge](functions/calculatePKCECodeChallenge.md)
- [generateRandomCodeVerifier](functions/generateRandomCodeVerifier.md)

## Pushed Authorization Requests (PAR)

- [processPushedAuthorizationResponse](functions/processPushedAuthorizationResponse.md)
- [pushedAuthorizationRequest](functions/pushedAuthorizationRequest.md)

## Refreshing an Access Token

- [processRefreshTokenResponse](functions/processRefreshTokenResponse.md)
- [refreshTokenGrantRequest](functions/refreshTokenGrantRequest.md)

## Resource Server Metadata

- [ResourceServer](interfaces/ResourceServer.md)
- [processResourceDiscoveryResponse](functions/processResourceDiscoveryResponse.md)
- [resourceDiscoveryRequest](functions/resourceDiscoveryRequest.md)

## SAML 2.0 Bearer Assertion Grant Type

- [genericTokenEndpointRequest](functions/genericTokenEndpointRequest.md)
- [processGenericTokenEndpointResponse](functions/processGenericTokenEndpointResponse.md)

## Token Exchange Grant Type

- [genericTokenEndpointRequest](functions/genericTokenEndpointRequest.md)
- [processGenericTokenEndpointResponse](functions/processGenericTokenEndpointResponse.md)

## Token Introspection

- [introspectionRequest](functions/introspectionRequest.md)
- [processIntrospectionResponse](functions/processIntrospectionResponse.md)
- [validateApplicationLevelSignature](functions/validateApplicationLevelSignature.md)

## Token Revocation

- [processRevocationResponse](functions/processRevocationResponse.md)
- [revocationRequest](functions/revocationRequest.md)

## Utilities

- [generateKeyPair](functions/generateKeyPair.md)
- [generateRandomCodeVerifier](functions/generateRandomCodeVerifier.md)
- [generateRandomNonce](functions/generateRandomNonce.md)
- [generateRandomState](functions/generateRandomState.md)

## Interfaces

- [AuthorizationDetails](interfaces/AuthorizationDetails.md)
- [BackchannelAuthenticationRequestOptions](interfaces/BackchannelAuthenticationRequestOptions.md)
- [BackchannelAuthenticationResponse](interfaces/BackchannelAuthenticationResponse.md)
- [Client](interfaces/Client.md)
- [ClientCredentialsGrantRequestOptions](interfaces/ClientCredentialsGrantRequestOptions.md)
- [ConfirmationClaims](interfaces/ConfirmationClaims.md)
- [CryptoKeyPair](interfaces/CryptoKeyPair.md)
- [CustomFetchOptions](interfaces/CustomFetchOptions.md)
- [DeviceAuthorizationRequestOptions](interfaces/DeviceAuthorizationRequestOptions.md)
- [DeviceAuthorizationResponse](interfaces/DeviceAuthorizationResponse.md)
- [DiscoveryRequestOptions](interfaces/DiscoveryRequestOptions.md)
- [DPoPHandle](interfaces/DPoPHandle.md)
- [DPoPRequestOptions](interfaces/DPoPRequestOptions.md)
- [DynamicClientRegistrationRequestOptions](interfaces/DynamicClientRegistrationRequestOptions.md)
- [ExportedJWKSCache](interfaces/ExportedJWKSCache.md)
- [GenerateKeyPairOptions](interfaces/GenerateKeyPairOptions.md)
- [HttpRequestOptions](interfaces/HttpRequestOptions.md)
- [IDToken](interfaces/IDToken.md)
- [IntrospectionRequestOptions](interfaces/IntrospectionRequestOptions.md)
- [IntrospectionResponse](interfaces/IntrospectionResponse.md)
- [JWEDecryptOptions](interfaces/JWEDecryptOptions.md)
- [JWK](interfaces/JWK.md)
- [JWKS](interfaces/JWKS.md)
- [JWKSCacheOptions](interfaces/JWKSCacheOptions.md)
- [JWTAccessTokenClaims](interfaces/JWTAccessTokenClaims.md)
- [ModifyAssertionFunction](interfaces/ModifyAssertionFunction.md)
- [ModifyAssertionOptions](interfaces/ModifyAssertionOptions.md)
- [MTLSEndpointAliases](interfaces/MTLSEndpointAliases.md)
- [OAuth2Error](interfaces/OAuth2Error.md)
- [PrivateKey](interfaces/PrivateKey.md)
- [ProcessAuthorizationCodeResponseOptions](interfaces/ProcessAuthorizationCodeResponseOptions.md)
- [ProcessTokenResponseOptions](interfaces/ProcessTokenResponseOptions.md)
- [ProtectedResourceRequestOptions](interfaces/ProtectedResourceRequestOptions.md)
- [PushedAuthorizationRequestOptions](interfaces/PushedAuthorizationRequestOptions.md)
- [PushedAuthorizationResponse](interfaces/PushedAuthorizationResponse.md)
- [RevocationRequestOptions](interfaces/RevocationRequestOptions.md)
- [TokenEndpointRequestOptions](interfaces/TokenEndpointRequestOptions.md)
- [TokenEndpointResponse](interfaces/TokenEndpointResponse.md)
- [UserInfoAddress](interfaces/UserInfoAddress.md)
- [UserInfoRequestOptions](interfaces/UserInfoRequestOptions.md)
- [UserInfoResponse](interfaces/UserInfoResponse.md)
- [ValidateJWTAccessTokenOptions](interfaces/ValidateJWTAccessTokenOptions.md)
- [ValidateSignatureOptions](interfaces/ValidateSignatureOptions.md)
- [WWWAuthenticateChallenge](interfaces/WWWAuthenticateChallenge.md)
- [WWWAuthenticateChallengeParameters](interfaces/WWWAuthenticateChallengeParameters.md)

## Type Aliases

- [ClientAuth](type-aliases/ClientAuth.md)
- [JsonArray](type-aliases/JsonArray.md)
- [JsonObject](type-aliases/JsonObject.md)
- [JsonPrimitive](type-aliases/JsonPrimitive.md)
- [JsonValue](type-aliases/JsonValue.md)
- [JweDecryptFunction](type-aliases/JweDecryptFunction.md)
- [JWKSCacheInput](type-aliases/JWKSCacheInput.md)
- [JWSAlgorithm](type-aliases/JWSAlgorithm.md)
- [OmitSymbolProperties](type-aliases/OmitSymbolProperties.md)
- [ProtectedResourceRequestBody](type-aliases/ProtectedResourceRequestBody.md)
- [RecognizedTokenTypes](type-aliases/RecognizedTokenTypes.md)

## Variables

- [~~allowInsecureRequests~~](variables/allowInsecureRequests.md)
- [clockSkew](variables/clockSkew.md)
- [clockTolerance](variables/clockTolerance.md)
- [customFetch](variables/customFetch.md)
- [expectNoNonce](variables/expectNoNonce.md)
- [expectNoState](variables/expectNoState.md)
- [jweDecrypt](variables/jweDecrypt.md)
- [jwksCache](variables/jwksCache.md)
- [modifyAssertion](variables/modifyAssertion.md)
- [~~nopkce~~](variables/nopkce.md)
- [skipAuthTimeCheck](variables/skipAuthTimeCheck.md)
- [skipStateCheck](variables/skipStateCheck.md)
- [skipSubjectCheck](variables/skipSubjectCheck.md)