Resolve the post-callback redirect URL from the session's redirectTo.
Returns { ok: true, value: string } with the resolved redirect URL on
success; otherwise returns a FederationResult failure.
Same behavior contract as the v0.4.x FederationProvider.resolveCallbackRedirect
method that this replaces.
URL-pattern validation for a consumer-supplied redirect_to.
Returns { ok: true } when the URL passes the policy's allowlist;
otherwise returns a FederationResult failure with HTTP status code,
OAuth error code, and error description suitable for direct response.
Same behavior contract as the v0.4.x FederationProvider.validateRedirect
method that this replaces.
Consumer-facing redirect URL validation and callback redirect resolution.
Distinct from FederationProvider (upstream IdP protocol) — this interface is the consumer's allowed-redirect-URL policy for a named federation. Consumers can replace this independently of the IdP integration. Per A5 §5.2.
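
A sketch of a policy that satisfies the contract described above, added here as an illustration and not taken from the library. The function names, the failure field names (`status`, `error`, `errorDescription`), the allowlist shape, and the choice to treat a session without `redirectTo` as a failure are all assumptions of this example.

```typescript
// Added example: every name and field below is hypothetical, not the library's API.
type Failure = { ok: false; status: number; error: string; errorDescription: string };
type ValidateResult = { ok: true } | Failure;
type ResolveResult = { ok: true; value: string } | Failure;
interface AllowedRedirect { origin: string; pathPrefix: string }

// Constructed sample policy for one federation.
const SAMPLE_ALLOWLIST: AllowedRedirect[] = [
  { origin: "https://app.example.com", pathPrefix: "/cb" },
];

// OAuth "invalid_request" with HTTP 400, ready to send as the response.
const fail = (errorDescription: string): Failure =>
  ({ ok: false, status: 400, error: "invalid_request", errorDescription });

function checkRedirect(redirectTo: string, allowlist: AllowedRedirect[]): ValidateResult {
  let url: URL;
  try {
    url = new URL(redirectTo); // absolute URLs only; relative input throws
  } catch {
    return fail("redirect_to is not an absolute URL");
  }
  if (url.protocol !== "https:") return fail("redirect_to must use https");
  if (url.username !== "" || url.password !== "") {
    return fail("redirect_to must not contain userinfo");
  }
  // Match on the parsed origin and the normalized path, never on the raw string,
  // so look-alike hosts and dot-segment paths cannot satisfy a prefix test.
  const { origin, pathname } = url;
  const allowed = allowlist.some((entry) => {
    const prefix = entry.pathPrefix.endsWith("/") ? entry.pathPrefix : entry.pathPrefix + "/";
    return origin === entry.origin &&
      (pathname === entry.pathPrefix || pathname.startsWith(prefix));
  });
  return allowed ? { ok: true } : fail("redirect_to is not on the allowlist");
}

// Assumption of this example: a session without redirectTo is a failure,
// and the stored value is re-validated at callback time.
function resolveRedirect(
  session: { redirectTo?: string },
  allowlist: AllowedRedirect[],
): ResolveResult {
  if (session.redirectTo === undefined) return fail("session has no redirectTo");
  const check = checkRedirect(session.redirectTo, allowlist);
  return check.ok ? { ok: true, value: new URL(session.redirectTo).href } : check;
}
```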