Interface CustomHeaderAuthOptions

Options for creating the custom header auth middleware.

interface CustomHeaderAuthOptions {
    headerName: string;
    requiredScopes?: readonly string[];
    verifier: TokenVerifier;
}

Properties

headerName: string

Header name to extract the token from (e.g. 'X-API-Key')

requiredScopes?: readonly string[]

Required scopes for all requests through this middleware. Requests without ALL listed scopes are rejected with 403.

Token verifier to validate the extracted header value