Custom Token Exchange #1344
Merged
Custom Token Exchange #1344
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Contributor
|
@tusharpandey13 we should also updated |
gyaneshgouraw-okta
previously approved these changes
Mar 6, 2025
gyaneshgouraw-okta
approved these changes
Mar 6, 2025
| subject_token: options.subject_token, | ||
| subject_token_type: options.subject_token_type, | ||
| scope: getUniqueScopes(options.scope, this.scope), | ||
| audience: this.options.authorizationParams.audience |
Member
There was a problem hiding this comment.
options contains audience, but it is never used.
This should be:
Suggested change
| audience: this.options.authorizationParams.audience | |
| audience: options.audience || this.options.authorizationParams.audience | |
Member
There was a problem hiding this comment.
Additionally, options can contain any custom property, but this is never passed through.
Merged
tusharpandey13
added a commit
that referenced
this pull request
May 28, 2025
**Added** - Custom Token Exchange [\#1344](#1344) ([tusharpandey13](https://github.com/tusharpandey13)) - Add RL-Secure workflow for scanning build artifacts [\#1281](#1281) ([developerkunal](https://github.com/developerkunal)) **Changed** - build(deps-dev): Bump ejs from 3.1.8 to 3.1.10 [\#1267](#1267) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump braces from 3.0.2 to 3.0.3 [\#1278](#1278) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump axios from 1.6.2 to 1.7.7 [\#1298](#1298) ([dependabot[bot]](https://github.com/apps/dependabot)) - Changed the trigger from pull_request_target to pull_request for better security [\#1297](#1297) ([gyaneshgouraw-okta](https://github.com/gyaneshgouraw-okta)) - Update codeowner file with new GitHub team name [\#1288](#1288) ([stevenwong-okta](https://github.com/stevenwong-okta)) - build(deps-dev): Bump typedoc from 0.25.4 to 0.25.9 [\#1250](#1250) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps): Bump codecov/codecov-action from 3.1.4 to 3.1.5 [\#1238](#1238) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps): Bump actions/cache from 3 to 4 [\#1236](#1236) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump eslint from 8.55.0 to 8.56.0 [\#1223](#1223) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps): Bump github/codeql-action from 2 to 3 [\#1221](#1221) ([dependabot[bot]](https://github.com/apps/dependabot)) - Update automated release process to latest version [\#1222](#1222) ([frederikprijck](https://github.com/frederikprijck)) - build(deps-dev): Bump browserstack-cypress-cli from 1.27.0 to 1.28.0 [\#1220](#1220) ([dependabot[bot]](https://github.com/apps/dependabot)) - Use outputs for capturing release-notes [\#1218](#1218) ([frederikprijck](https://github.com/frederikprijck)) - build(deps-dev): Bump rollup-plugin-visualizer from 5.10.0 to 5.11.0 [\#1215](#1215) ([dependabot[bot]](https://github.com/apps/dependabot)) **Fixed** - chore: migrate jenkins job to k8s agent pipeline [\#1251](#1251) ([xmanwms95](https://github.com/xmanwms95)) - Ensure tag-exists action works as intended [\#1217](#1217) ([frederikprijck](https://github.com/frederikprijck)) - Align release process by supporting npm provenance and tag and release-directory [\#1216](#1216) ([frederikprijck](https://github.com/frederikprijck)) - Bring back pull_request trigger to release process [\#1214](#1214) ([frederikprijck](https://github.com/frederikprijck))
Merged
tusharpandey13
added a commit
that referenced
this pull request
May 28, 2025
**Added** - Custom Token Exchange [\#1344](#1344) ([tusharpandey13](https://github.com/tusharpandey13)) - Add RL-Secure workflow for scanning build artifacts [\#1281](#1281) ([developerkunal](https://github.com/developerkunal)) **Changed** - build(deps): Bump codecov/codecov-action from 3.1.4 to 3.1.5 [\#1238](#1238) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump ejs from 3.1.8 to 3.1.10 [\#1267](#1267) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump braces from 3.0.2 to 3.0.3 [\#1278](#1278) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump axios from 1.6.2 to 1.7.7 [\#1298](#1298) ([dependabot[bot]](https://github.com/apps/dependabot)) - Changed the trigger from pull_request_target to pull_request for better security [\#1297](#1297) ([gyaneshgouraw-okta](https://github.com/gyaneshgouraw-okta)) - Update codeowner file with new GitHub team name [\#1288](#1288) ([stevenwong-okta](https://github.com/stevenwong-okta)) - chore: migrate jenkins job to k8s agent pipeline [\#1251](#1251) ([xmanwms95](https://github.com/xmanwms95)) - build(deps-dev): Bump typedoc from 0.25.4 to 0.25.9 [\#1250](#1250) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps): Bump actions/cache from 3 to 4 [\#1236](#1236) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump eslint from 8.55.0 to 8.56.0 [\#1223](#1223) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps): Bump github/codeql-action from 2 to 3 [\#1221](#1221) ([dependabot[bot]](https://github.com/apps/dependabot)) - Update automated release process to latest version [\#1222](#1222) ([frederikprijck](https://github.com/frederikprijck)) - build(deps-dev): Bump browserstack-cypress-cli from 1.27.0 to 1.28.0 [\#1220](#1220) ([dependabot[bot]](https://github.com/apps/dependabot)) - build(deps-dev): Bump rollup-plugin-visualizer from 5.10.0 to 5.11.0 [\#1215](#1215) ([dependabot[bot]](https://github.com/apps/dependabot)) **Fixed** - Fix release workflows [\#1361](#1361) ([tusharpandey13](https://github.com/tusharpandey13)) - Use outputs for capturing release-notes [\#1218](#1218) ([frederikprijck](https://github.com/frederikprijck)) - Ensure tag-exists action works as intended [\#1217](#1217) ([frederikprijck](https://github.com/frederikprijck)) - Align release process by supporting npm provenance and tag and release-directory [\#1216](#1216) ([frederikprijck](https://github.com/frederikprijck)) - Bring back pull_request trigger to release process [\#1214](#1214) ([frederikprijck](https://github.com/frederikprijck))
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
Authentication api
exchangeTokenmethod inAuth0ClientTokenExchange.tsReferences
Custom Token Exchange Beta
Test results
Checklist