Skip to content

SDK-2770 Support central auth token.#562

Open
abdalmajeed-yoti wants to merge 5 commits intodevelopmentfrom
SDK-2770-support-central-auth-token
Open

SDK-2770 Support central auth token.#562
abdalmajeed-yoti wants to merge 5 commits intodevelopmentfrom
SDK-2770-support-central-auth-token

Conversation

@abdalmajeed-yoti
Copy link
Copy Markdown
Contributor

@abdalmajeed-yoti abdalmajeed-yoti commented Mar 9, 2026
edited
Loading

Adds OAuth2 Bearer token authentication as an alternative to the existing RSA signed-request authentication for the IDV client.

What's New

  • AuthTokenGenerator — Generates access tokens via OAuth2 client_credentials grant with PS384-signed JWT assertions.
  • IDVClient — New authToken option, mutually exclusive with sdkId/pem.

Usage

const { IDVClient, AuthTokenGenerator } = require('yoti');

// Generate an access token
const generator = new AuthTokenGenerator(sdkId, pemString);
const tokenResponse = await generator.generate(['idv:sessions']);

// Create IDV client with token auth
const idvClient = new IDVClient(null, null, { authToken: tokenResponse.getAccessToken() });

// Use as usual
const session = await idvClient.createSession(sessionSpec);

Signed-request auth continues to work unchanged:

const idvClient = new IDVClient(sdkId, pemString);

laurent-yoti and others added 5 commits February 2, 2026 12:25
@laurent-yoti
Updated in main package the superagent dependency - as well as eslint…
c4542cc 
… (still below 9 so that shall not fix security warning) and jest.

Updated in examples the version of express (4.22+) - and eslint too.
@laurent-yoti
Flagged in audit-ci.jsonc the eslint vulnerability in the allowed list.
ef01995
@laurent-yoti
Updated eslint-plugin-jest (28 => 29)
33adbf0
@laurent-yoti
Updated .github - Node versions/reviewers
7edb81f 
Added "--ignore-scripts" as flagged by SonarQube
@abdalmajeed-yoti
Support central auth token.
b92c8fc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laurent-yoti laurent-yoti Awaiting requested review from laurent-yoti

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@abdalmajeed-yoti @laurent-yoti