Skip to content

Graphorin API reference v0.7.0


Graphorin API reference / @graphorin/security / / CreateOAuthClientOptions

Interface: CreateOAuthClientOptions

Defined in: packages/security/src/oauth/types.ts:76

Configuration options for createOAuthClient(...).

Stable

Properties

PropertyModifierTypeDescriptionDefined in
logger?readonly(level, message, fields?) => voidOptional logger.packages/security/src/oauth/types.ts:105
metadata?readonlyDiscoveredMetadataOptional pre-discovered metadata (skip the network round-trip).packages/security/src/oauth/types.ts:103
refreshAheadMs?readonlynumberRefresh-ahead window in ms. On the client itself this only colours status() labels ('expiring-soon'); the proactive refresh that uses the window lives in the MCP bridge's authorization provider (createOAuthAuthorizationProvider), which refreshes when the persisted expiry is within its own refreshAheadMs (SPL-12).packages/security/src/oauth/types.ts:101
registration?readonlyOAuthRegistrationStored / persistent registration metadata.packages/security/src/oauth/types.ts:82
secretsStore?readonlySecretsStoreSecrets store the actual tokens are persisted into (SPL-1). When supplied, persistSession writes the access / refresh / id tokens under the oauth:<serverId>:<kind> keys the record's refs point at, and refresh / revoke / status resolve them back - so sessions survive process restarts. Without it, tokens live only in process memory (the pre-SPL-1 behavior, documented).packages/security/src/oauth/types.ts:93
serverIdreadonlystringStable identifier; persisted into the OAuthServerStore.packages/security/src/oauth/types.ts:78
serverUrlreadonlystringBase URL of the OAuth-protected resource server.packages/security/src/oauth/types.ts:80
storagereadonlyOAuthServerStorePersistent storage for the registration + token-ref metadata.packages/security/src/oauth/types.ts:84