OidcAgentClient Class


Utility to generate OIDC/OAuth tokens for agent or service applications

  • The application must register a client using the self service registration page.
  • The client type must be "Agent"
  • Use the Client Id/Client Secret/Scopes to create the agent configuration that's passed in.
  • Ensure the application can access the Connect Project/Asset - in production environments, this is done by using the connect project portal to add add the email {Client Id}@apps.imsoidc.bentley.com as an authorized user with the appropriate role that includes the required access permissions.




Name Description
constructor(agentConfiguration: OidcAgentClientConfiguration): OidcAgentClient    
getAccessToken(requestContext?: ClientRequestContext): Promise<AccessToken> Returns a promise that resolves to the AccessToken of the currently authorized client.  
getToken(requestContext: ClientRequestContext): Promise<AccessToken> Get the access token Deprecated
refreshToken(requestContext: ClientRequestContext, jwt: AccessToken): Promise<AccessToken> Refresh the access token - simply checks if the token is still valid before re-fetching a new access token Deprecated

Inherited methods

Name Inherited from Description
createToken(tokenSet: TokenSet, userInfo?: UserInfo): AccessToken Protected OidcBackendClient  
delete(requestContext: AuthorizedClientRequestContext, relativeUrlPath: string): Promise<void> Protected Client used by clients to send delete requests
discoverEndpoints(requestContext: ClientRequestContext): Promise<Issuer> OidcBackendClient Discover the endpoints of the service
getClient(requestContext: ClientRequestContext): Promise<OpenIdClient> Protected OidcBackendClient  
getUrl(requestContext: ClientRequestContext): Promise<string> Client Gets the URL of the service.
getUrlSearchKey(): string Protected OidcClient Gets name/key to query the service URLs from the URL Discovery Service ("Buddi")
setupOptionDefaults(options: RequestOptions): Promise<void> Protected Client Augments request options with defaults returned by the DefaultRequestOptionsProvider.
parseUserInfo(jwt: string): UserInfo | undefined Static OidcBackendClient  


Name Type Description
hasExpired Accessor ReadOnly boolean Set to true if the user has signed in, but the token has expired and requires a refresh  
hasSignedIn Accessor ReadOnly boolean Set to true if signed in - the accessToken may be active or may have expired and require a refresh  
isAuthorized Accessor ReadOnly boolean Set to true if there's a current authorized user or client (in the case of agent applications).  

Inherited properties

Name Type Inherited from Description
_configuration Protected OidcBackendClientConfiguration OidcBackendClient  
_url Protected undefined | string Client  
searchKey Static string OidcClient  

Defined in

Last Updated: 12 February, 2020