completeOauth()

Overview

Completes the OAuth authentication flow by either signing up or logging in the user, depending on whether a sub-organization already exists for the provided OIDC token.

This function first checks if there is an existing sub-organization associated with the OIDC token.
If a sub-organization exists, it proceeds with the OAuth login flow.
If no sub-organization exists, it creates a new sub-organization and completes the sign-up flow.
Optionally accepts a custom OAuth provider name, session key, and additional sub-organization creation parameters.
Handles session storage and management, and supports invalidating existing sessions if specified.

Package: core

Defined in: core.ts:1525

Parameters

params

object

required

Show params details

params.createSubOrgParams

CreateSubOrgParams

parameters for sub-organization creation (e.g., authenticators, user metadata).

params.invalidateExisting

boolean

flag to invalidate existing sessions for the user.

params.oidcToken

string

required

OIDC token received after successful authentication with the OAuth provider.

params.providerName

string

name of the OAuth provider (defaults to a generated name with a timestamp).

params.publicKey

string

required

public key to use for authentication. Must be generated prior to calling this function, this is because the OIDC nonce has to be set to sha256(publicKey).

params.sessionKey

string

session key to use for session creation (defaults to the default session key).

Response

A successful response returns the following fields:

returns

BaseAuthResult & object

required

A promise that resolves to an object containing:

sessionToken: the signed JWT session token.
action: whether the flow resulted in a login or signup (AuthAction).

clearUnusedKeyPairs()completeOtp()

SDK reference

Overview

Parameters

Response