Connectum API Reference / @connectum/auth / InternalTrustSource

Type Alias: InternalTrustSource

InternalTrustSource = (req) => AuthContext | null | Promise<AuthContext | null>

Defined in: packages/auth/src/types.ts:336

A pluggable internal trust source (ADR-029).

Given the incoming request, returns an AuthContext for the calling service when the internal trust marker is present and valid, or null when it is missing/invalid. createInternalAuthInterceptor converts null (and any thrown error from the trust source) into Code.Unauthenticated.

The returned AuthContext.subject is the service identity; roles/scopes come from the trust source (allow-list entry or verified token claims) so the call composes with the existing requires {roles,scopes} authz model.

Parameters

req

The request (read-only access to headers).

Headers

Returns

AuthContext | null | Promise<AuthContext | null>

AuthContext for a trusted internal caller, or null to reject.

proto

Type Aliases

Variables

testing

Interfaces

Variables

Functions

proto-sync

Interfaces

Variables

Functions

reflection

Interfaces

Functions

types

Interfaces

Type Aliases

Variables

types

Interfaces

Type Aliases

types

Interfaces

Type Aliases

Variables

types

Interfaces

types

Interfaces

types

Interfaces

bulkhead

Functions

circuit-breaker

Functions

defaults

Interfaces

Functions

errorHandler

Functions

fallback

Functions

logger

Functions

method-filter

Functions

retry

Functions

serializer

Functions

timeout

Functions

attributes

Type Aliases

Variables

client-interceptor

Functions

interceptor

Functions

logger

Interfaces

Functions

meter

Functions

metrics

Interfaces

Functions

provider

Interfaces

Functions

shared

Interfaces

Functions

traceAll

Functions

traced

Functions

tracer

Functions

Type Alias: InternalTrustSource ​

Type Alias: InternalTrustSource