@modelcontextprotocol/sdk
    Preparing search index...

    Function exchangeAuthorization

    • Exchanges an authorization code for an access token with the given server.

      Supports multiple client authentication methods as specified in OAuth 2.1:

      • Automatically selects the best authentication method based on server support
      • Falls back to appropriate defaults when server metadata is unavailable

      Parameters

      • authorizationServerUrl: string | URL

        The authorization server's base URL

      • options: {
            addClientAuthentication?: (
                headers: Headers,
                params: URLSearchParams,
                url: string | URL,
                metadata?: objectOutputType<
                    {
                        authorization_endpoint: ZodString;
                        code_challenge_methods_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        grant_types_supported: ZodOptional<ZodArray<ZodString, "many">>;
                        introspection_endpoint: ZodOptional<ZodString>;
                        introspection_endpoint_auth_methods_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        introspection_endpoint_auth_signing_alg_values_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        issuer: ZodString;
                        registration_endpoint: ZodOptional<ZodString>;
                        response_modes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                        response_types_supported: ZodArray<ZodString, "many">;
                        revocation_endpoint: ZodOptional<ZodString>;
                        revocation_endpoint_auth_methods_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        revocation_endpoint_auth_signing_alg_values_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        scopes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                        service_documentation: ZodOptional<ZodString>;
                        token_endpoint: ZodString;
                        token_endpoint_auth_methods_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                        token_endpoint_auth_signing_alg_values_supported: ZodOptional<
                            ZodArray<ZodString, "many">,
                        >;
                    },
                    ZodTypeAny,
                    "passthrough",
                >,
            ) => void
            | Promise<void>;
            authorizationCode: string;
            clientInformation: {
                client_id: string;
                client_id_issued_at?: number;
                client_secret?: string;
                client_secret_expires_at?: number;
            };
            codeVerifier: string;
            fetchFn?: FetchLike;
            metadata?: objectOutputType<
                {
                    authorization_endpoint: ZodString;
                    code_challenge_methods_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    grant_types_supported: ZodOptional<ZodArray<ZodString, "many">>;
                    introspection_endpoint: ZodOptional<ZodString>;
                    introspection_endpoint_auth_methods_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    introspection_endpoint_auth_signing_alg_values_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    issuer: ZodString;
                    registration_endpoint: ZodOptional<ZodString>;
                    response_modes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                    response_types_supported: ZodArray<ZodString, "many">;
                    revocation_endpoint: ZodOptional<ZodString>;
                    revocation_endpoint_auth_methods_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    revocation_endpoint_auth_signing_alg_values_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    scopes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                    service_documentation: ZodOptional<ZodString>;
                    token_endpoint: ZodString;
                    token_endpoint_auth_methods_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                    token_endpoint_auth_signing_alg_values_supported: ZodOptional<
                        ZodArray<ZodString, "many">,
                    >;
                },
                ZodTypeAny,
                "passthrough",
            >;
            redirectUri: string
            | URL;
            resource?: URL;
        }

        Configuration object containing client info, auth code, etc.

        • OptionaladdClientAuthentication?: (
              headers: Headers,
              params: URLSearchParams,
              url: string | URL,
              metadata?: objectOutputType<
                  {
                      authorization_endpoint: ZodString;
                      code_challenge_methods_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      grant_types_supported: ZodOptional<ZodArray<ZodString, "many">>;
                      introspection_endpoint: ZodOptional<ZodString>;
                      introspection_endpoint_auth_methods_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      introspection_endpoint_auth_signing_alg_values_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      issuer: ZodString;
                      registration_endpoint: ZodOptional<ZodString>;
                      response_modes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                      response_types_supported: ZodArray<ZodString, "many">;
                      revocation_endpoint: ZodOptional<ZodString>;
                      revocation_endpoint_auth_methods_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      revocation_endpoint_auth_signing_alg_values_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      scopes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                      service_documentation: ZodOptional<ZodString>;
                      token_endpoint: ZodString;
                      token_endpoint_auth_methods_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                      token_endpoint_auth_signing_alg_values_supported: ZodOptional<
                          ZodArray<ZodString, "many">,
                      >;
                  },
                  ZodTypeAny,
                  "passthrough",
              >,
          ) => void
          | Promise<void>
        • authorizationCode: string
        • clientInformation: {
              client_id: string;
              client_id_issued_at?: number;
              client_secret?: string;
              client_secret_expires_at?: number;
          }
        • codeVerifier: string
        • OptionalfetchFn?: FetchLike
        • Optionalmetadata?: objectOutputType<
              {
                  authorization_endpoint: ZodString;
                  code_challenge_methods_supported: ZodOptional<ZodArray<ZodString, "many">>;
                  grant_types_supported: ZodOptional<ZodArray<ZodString, "many">>;
                  introspection_endpoint: ZodOptional<ZodString>;
                  introspection_endpoint_auth_methods_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
                  introspection_endpoint_auth_signing_alg_values_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
                  issuer: ZodString;
                  registration_endpoint: ZodOptional<ZodString>;
                  response_modes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                  response_types_supported: ZodArray<ZodString, "many">;
                  revocation_endpoint: ZodOptional<ZodString>;
                  revocation_endpoint_auth_methods_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
                  revocation_endpoint_auth_signing_alg_values_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
                  scopes_supported: ZodOptional<ZodArray<ZodString, "many">>;
                  service_documentation: ZodOptional<ZodString>;
                  token_endpoint: ZodString;
                  token_endpoint_auth_methods_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
                  token_endpoint_auth_signing_alg_values_supported: ZodOptional<
                      ZodArray<ZodString, "many">,
                  >;
              },
              ZodTypeAny,
              "passthrough",
          >
        • redirectUri: string | URL
        • Optionalresource?: URL

      Returns Promise<
          {
              access_token: string;
              expires_in?: number;
              id_token?: string;
              refresh_token?: string;
              scope?: string;
              token_type: string;
          },
      >

      Promise resolving to OAuth tokens

      When token exchange fails or authentication is invalid

    Settings

    Member Visibility