This strategy is designed to help manage authentication and sessions in your express-based applications. This strategy authenticates users by validating the JWT in either Authorization Bearer or cookie, and provides additional user management features.
The Descope Passport strategy can be installed with npm.
npm i passport-descope
In order to utilize the authentication functions, you will need to initialize a DescopeStrategy object. You will need to define a retrieve your Descope Project ID and define a verify callback function to be able to authenticate using the DescopeStrategy object,
var DescopeStrategy = require('passport-descope');
passport.use(new DescopeStrategy({
projectId: '<Your project ID>',
managementKey: '<OPTIONAL management key>'
verify: (jwtDetails, cb) => cb(null, {id: jwtDetails.token.sub})
}));
Required
-
projectId- The project ID you can retrieve from the Descope Console here. -
verify- The verify function is specific to thepassport-descopestrategy, and the exact argument it receives(jwtDetails, cb)and the parameter it yields{id: jwtDetails.token.sub}is dependent on our Descope authentication strategy.
Optional
managementKey- If you would like to also return user information as part of the verifyCallback function, you will need to include a Descope Management Key when you initialize yourDescopeStrategyobject. You can create one in the Company Settings portal here.
If you would like to learn more about Passport JS Strategies, please visit their website.
We appreciate feedback and contribution to this repository!
To provide feedback or report a bug, please raise an issue on our issue tracker.
This project is licensed under the MIT license. See the LICENSE file for more info.