ReadonlyproviderAuthentication provider (full OAuth or token verifier)
Optional ReadonlyrequiredRequired OAuth scopes for all requests through this middleware. Requests without ALL listed scopes are rejected with 403.
Optional ReadonlyresourceProtected Resource Metadata URL (RFC 9728).
Included in WWW-Authenticate headers for 401 responses.
Options for creating the bearer auth middleware.