Connectum API Reference / @connectum/auth / AuthInterceptorOptions
Interface: AuthInterceptorOptions
Defined in: packages/auth/src/types.ts:115
Generic auth interceptor options
Properties
cache?
optionalcache:CacheOptions
Defined in: packages/auth/src/types.ts:151
LRU cache for credentials verification results. Caches AuthContext by credential string to reduce verification overhead.
extractCredentials()?
optionalextractCredentials: (req) =>string|Promise<string|null> |null
Defined in: packages/auth/src/types.ts:123
Extract credentials from request. Default: extracts Bearer token from Authorization header.
Parameters
req
Request with headers
header
Headers
Returns
string | Promise<string | null> | null
Credential string or null if no credentials found
propagatedClaims?
optionalpropagatedClaims:string[]
Defined in: packages/auth/src/types.ts:158
Filter which claims are propagated in headers (SEC-001). When set, only listed claim keys are included in x-auth-claims header. When not set, all claims are propagated.
propagateHeaders?
optionalpropagateHeaders:boolean
Defined in: packages/auth/src/types.ts:145
Propagate auth context as headers for downstream services.
Default
falseskipMethods?
optionalskipMethods:string[]
Defined in: packages/auth/src/types.ts:139
Methods to skip authentication for. Patterns: "Service/Method" or "Service/*"
Default
[] (health and reflection methods are NOT auto-skipped)verifyCredentials()
verifyCredentials: (
credentials) =>AuthContext|Promise<AuthContext>
Defined in: packages/auth/src/types.ts:132
Verify credentials and return auth context. REQUIRED. Must throw on invalid credentials.
Parameters
credentials
string
Extracted credential string
Returns
AuthContext | Promise<AuthContext>
AuthContext for valid credentials
