Interface CrossAppAccessProviderOptions

Options for creating a CrossAppAccessProvider.

interface CrossAppAccessProviderOptions {
    assertion: AssertionCallback;
    clientId: string;
    clientName?: string;
    clientSecret: string;
    fetchFn?: FetchLike;
}

Index

Properties

assertion clientId clientName? clientSecret fetchFn?

Properties

assertion

assertion: AssertionCallback

Callback function that provides a JWT Authorization Grant (ID-JAG).

The callback receives the MCP server's authorization server URL, resource URL, and requested scope, and should return a JWT Authorization Grant obtained from the enterprise IdP via RFC 8693 token exchange.

You can use the utility functions from the crossAppAccess module for standard flows, or implement custom logic.

Example

assertion: async (ctx) => {
    const result = await discoverAndRequestJwtAuthGrant({
        idpUrl: 'https://idp.example.com',
        audience: ctx.authorizationServerUrl,
        resource: ctx.resourceUrl,
        idToken: await getIdToken(),
        clientId: 'my-idp-client',
        clientSecret: 'my-idp-secret',
        scope: ctx.scope,
        fetchFn: ctx.fetchFn
    });
    return result.jwtAuthGrant;
}

clientId

clientId: string

The client_id registered with the MCP server's authorization server.

`Optional`clientName

clientName?: string

Optional client name for metadata.

clientSecret

clientSecret: string

The client_secret for authenticating with the MCP server's authorization server.

`Optional`fetchFn

fetchFn?: FetchLike

Custom fetch implementation. Defaults to global fetch.

Interface CrossAppAccessProviderOptions

Index

Properties

Properties

assertion

Example

clientId

`Optional`clientName

clientSecret

`Optional`fetchFn

Settings

On This Page

Interface CrossAppAccessProviderOptions

Index

Properties

Properties

assertion

Example

clientId

OptionalclientName

clientSecret

OptionalfetchFn

Settings

On This Page

`Optional`clientName

`Optional`fetchFn