The openid-client npm package provides an implementation of OpenID Relying Party (RP, Client) for the Node.js runtime. It supports various OpenID Connect/OAuth2.0 specifications such as OpenID Connect Core 1.0, OpenID Connect Discovery 1.0, RFC7009 - OAuth 2.0 Token revocation, RFC8628 - OAuth 2.0 Device Authorization Grant (Device Flow), and more. The package assists in consuming OpenID Connect Authorization Server responses and wrapping around requests to its endpoints.

How do you use openid-client?

Installing and using openid-client is straightforward with npm. First, install the package:

npm install openid-client

Once installed, you can require the package and use its various functionalities in your Node.js application. Here are examples for different use cases:

Discover an Issuer configuration using its published .well-known endpoints:

import { Issuer } from 'openid-client';

const googleIssuer = await Issuer.discover('https://accounts.google.com');
console.log('Discovered issuer %s %O', googleIssuer.issuer, googleIssuer.metadata);

Authorization Code Flow:

import { generators } from 'openid-client';

const client = new googleIssuer.Client({
  client_id: 'your_client_id',
  client_secret: 'your_secret_key',
  redirect_uris: ['http://localhost:3000/cb'],
  response_types: ['code'],
});
const code_verifier = generators.codeVerifier();
const code_challenge = generators.codeChallenge(code_verifier);

Multiple other examples for Authorization Code Flow, Implicit ID Token Flow, Device Authorization Grant (Device Flow) can be found in the package’s readme file.

Where are the openid-client docs?

For a comprehensive understanding of the openid-client npm package, you can review its official documentation on GitHub. The documentation covers various aspects such as Issuer, Client, Customizing, TokenSet, Strategy, generators, and errors.