apiac_auth_bearer v1.1.0 APIacAuthBearer.Validator.Introspect View Source
An implementation of client Bearer validation conforming to RFC7662
This validator accepts the following options:
issuer
: an OAuth2 issuer whose metadata will be resolved byOAuth2MetadataUpdater
. When using this option, make sure you have addedOAuth2MetadataUpdater
in youmix.exs
file. The option value is one of:"issueruri"
: metadata will be resolved directly on this URI{"issueruri", opts}
: metadata will be resolved withopts
passed as params to OAuth2MetadataUpdater
introspection_endpoint
: the URI of the introspection endpoint. Note that theissuer
option has precedence over theintrospection_endpoint
optiontesla_middlewares
: a list ofTesla.Middleware
s that will sequentially be called before requesting the introspection endpoint. Use it to authenticate to the OAuth2 authorization server.
OAuth2MetadataUpdater
When using the issueruri
option, make sure to include the OAuth2MetadataUpdater
library in the list of your dependencies, as the process or fetching metadata
information (including the introspection_endpoint
parameter) is implemented
in that library and not in this one.