AgentAuthorizationClient Class

Beta  

Utility to generate OIDC/OAuth tokens for agent or agent applications

  • The application must register a client using the self service registration page.
  • The client type must be "Agent"
  • Use the Client Id/Client Secret/Scopes to create the agent configuration that's passed in.
  • Ensure the application can access the iTwin Project/Asset - in production environments, this is done by using the iTwin project portal to add add the email {Client Id}@apps.imsoidc.bentley.com as an authorized user with the appropriate role that includes the required access permissions.

Extends

Implements

Methods

Name Description
constructor(agentConfiguration: BackendAuthorizationClientConfiguration): AgentAuthorizationClient Creates an instance of BackendAuthorizationClient.  
getAccessToken(requestContext?: ClientRequestContext): Promise<AccessToken> Returns a promise that resolves to the AccessToken of the currently authorized client.  
getToken(requestContext: ClientRequestContext): Promise<AccessToken> Get the access token Deprecated  
refreshToken(requestContext: ClientRequestContext, jwt: AccessToken): Promise<AccessToken> Refresh the access token - simply checks if the token is still valid before re-fetching a new access token Deprecated  

Inherited methods

Name Inherited from Description
applyUserConfiguredHttpRequestOptions(requestOptions: RequestOptions, userDefinedRequestOptions?: HttpRequestOptions): void Protected BackendAuthorizationClient Configures request options based on user defined values in HttpRequestOptions
delete(requestContext: AuthorizedClientRequestContext, relativeUrlPath: string, httpRequestOptions?: HttpRequestOptions): Promise<void> Protected BackendAuthorizationClient used by clients to send delete requests
discoverEndpoints(requestContext: ClientRequestContext): Promise<Issuer<Client>> BackendAuthorizationClient Discover the endpoints of the service
getClient(requestContext: ClientRequestContext): Promise<Client> Protected BackendAuthorizationClient  
getUrl(requestContext: ClientRequestContext): Promise<string> BackendAuthorizationClient Gets the URL of the service.
getUrlSearchKey(): string Protected BackendAuthorizationClient Gets name/key to query the service URLs from the URL Discovery Service ("Buddi")
setupOptionDefaults(options: RequestOptions): Promise<void> Protected BackendAuthorizationClient Augments request options with defaults returned by the DefaultRequestOptionsProvider.

Properties

Name Type Description
hasExpired Accessor ReadOnly boolean Set to true if the user has signed in, but the token has expired and requires a refresh  
hasSignedIn Accessor ReadOnly boolean Set to true if signed in - the accessToken may be active or may have expired and require a refresh  
isAuthorized Accessor ReadOnly boolean Set to true if there's a current authorized user or client (in the case of agent applications).  

Inherited properties

Name Type Inherited from Description
_configuration Protected BackendAuthorizationClientConfiguration BackendAuthorizationClient  
_url Protected undefined | string BackendAuthorizationClient  
baseUrl Protected undefined | string BackendAuthorizationClient Sets the default base URL to use with this client.
searchKey StaticReadonly string BackendAuthorizationClient  

Defined in

Last Updated: 11 June, 2024