npmpackage.info

Gathering detailed insights and metrics for angular-auth-oidc-client

Other packages similar to angular-auth-oidc-client

angular-auth-oidc-client-pramod

0.0.17

Angular Lib for OpenID Connect & OAuth2

integrator-angular-auth-oidc-client

2.0.1

An OpenID Connect Code Flow with PKCE,Implicit Flow client for Angular. Adapted for Integrator

@vinayg/angular-auth-oidc-client

12.0.3

Angular Lib for OpenID Connect & OAuth2

angular-auth-oidc-client-pema

11.6.0

[![Build Status](https://travis-ci.org/damienbod/angular-auth-oidc-client.svg?branch=master)](https://travis-ci.org/damienbod/angular-auth-oidc-client) [![npm](https://img.shields.io/npm/v/angular-auth-oidc-client.svg)](https://www.npmjs.com/package/angul

Gathering detailed insights and metrics for angular-auth-oidc-client

angular-auth-oidc-client - 19.0.1 | npmpackage.info

angular-auth-oidc-client

npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow

19.0.1

1,199

MIT

TypeScript

973.10 kB

4.5

Installations

npm install angular-auth-oidc-client

Developer Guide

BETA

Typescript

No

Module System

ESM

Node Version

20.11.1

NPM Version

10.5.0 Pull Requests

Open

4

Total

701

Closed

107

Merged

590

Issues

Open

236

Total

1,406

Closed

1,170

Releases

133

19.0.1

Updated on May 11, 2025

19.0.0

Updated on Dec 04, 2024

18.0.2

Updated on Oct 12, 2024

18.0.1

Updated on Jun 20, 2024

18.0.0

Updated on Jun 07, 2024

17.1.0

Updated on May 31, 2024

View All 133 releases

Languages

TypeScript

JavaScript

HTML

CSS

TypeScript (87.04%)

JavaScript (10.1%)

HTML (2.58%)

CSS (0.28%)

Developer

damienbod

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

1,199 Stars

4,258 Commits

448 Forks

37 Watchers

11 Branches

92 Contributors

Updated on Jul 08, 2025

Maintainers

View All 92 Contributors

Package Meta Information

Latest Version

19.0.1

Package Id

angular-auth-oidc-client@19.0.1

Unpacked Size

973.10 kB

Size

158.89 kB

File Count

168

NPM Version

10.5.0

Node Version

20.11.1

Published on

May 11, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

tslib rfc4648

Peer Dependencies

rxjs @angular/core @angular/common @angular/router

Angular Lib for OpenID Connect & OAuth2

Secure your Angular app using the latest standards for OpenID Connect & OAuth2. Provides support for token refresh, all modern OIDC Identity Providers and more.

Acknowledgements

This library is certified by OpenID Foundation. (RP Implicit and Config RP)

Features

Code samples for most of the common use cases
Supports schematics via ng add support
Supports all modern OIDC identity providers
Supports OpenID Connect Code Flow with PKCE
Supports Code Flow PKCE with Refresh tokens
Supports OpenID Connect Implicit Flow
Supports OpenID Connect Session Management 1.0
Supports RFC7009 - OAuth 2.0 Token Revocation
Supports RFC7636 - Proof Key for Code Exchange (PKCE)
Supports OAuth 2.0 Pushed authorisation requests (PAR) draft
Semantic releases
Github actions
Modern coding guidelines with prettier, husky
Up to date documentation
Implements OIDC validation as specified, complete client side validation for REQUIRED features
Supports authentication using redirect or popup

Installation

Ng Add

You can use the schematics and ng add the library.

1ng add angular-auth-oidc-client

And answer the questions. A module will be created which encapsulates your configuration.

angular-auth-oidc-client schematics

Npm / Yarn

Navigate to the level of your package.json and type

1 npm install angular-auth-oidc-client

or with yarn

1 yarn add angular-auth-oidc-client

Documentation

Read the docs here

Samples

Explore the Samples here

Quickstart

For the example of the Code Flow. For further examples please check the Samples Section.

If you have done the installation with the schematics, these modules and files should be available already!

Configuration

Import the AuthModule in your module.

1import { NgModule } from '@angular/core';
2import { AuthModule, LogLevel } from 'angular-auth-oidc-client';
3// ...
4
5@NgModule({
6  // ...
7  imports: [
8    // ...
9    AuthModule.forRoot({
10      config: {
11        authority: '<your authority address here>',
12        redirectUrl: window.location.origin,
13        postLogoutRedirectUri: window.location.origin,
14        clientId: '<your clientId>',
15        scope: 'openid profile email offline_access',
16        responseType: 'code',
17        silentRenew: true,
18        useRefreshToken: true,
19        logLevel: LogLevel.Debug,
20      },
21    }),
22  ],
23  // ...
24})
25export class AppModule {}

And call the method checkAuth() from your app.component.ts. The method checkAuth() is needed to process the redirect from your Security Token Service and set the correct states. This method must be used to ensure the correct functioning of the library.

1import { Component, OnInit, inject } from '@angular/core';
2import { OidcSecurityService } from 'angular-auth-oidc-client';
3
4@Component({
5  /*...*/
6})
7export class AppComponent implements OnInit {
8  private readonly oidcSecurityService = inject(OidcSecurityService);
9
10  ngOnInit() {
11    this.oidcSecurityService
12      .checkAuth()
13      .subscribe((loginResponse: LoginResponse) => {
14        const { isAuthenticated, userData, accessToken, idToken, configId } =
15          loginResponse;
16
17        /*...*/
18      });
19  }
20
21  login() {
22    this.oidcSecurityService.authorize();
23  }
24
25  logout() {
26    this.oidcSecurityService
27      .logoff()
28      .subscribe((result) => console.log(result));
29  }
30}

Using the access token

You can get the access token by calling the method getAccessToken() on the OidcSecurityService

1const token = this.oidcSecurityService.getAccessToken().subscribe(...);

And then you can use it in the HttpHeaders

1import { HttpHeaders } from '@angular/common/http';
2
3const token = this.oidcSecurityServices.getAccessToken().subscribe((token) => {
4  const httpOptions = {
5    headers: new HttpHeaders({
6      Authorization: 'Bearer ' + token,
7    }),
8  };
9});

You can use the built in interceptor to add the accesstokens to your request

1AuthModule.forRoot({
2  config: {
3    // ...
4    secureRoutes: ['https://my-secure-url.com/', 'https://my-second-secure-url.com/'],
5  },
6}),

1 providers: [
2    { provide: HTTP_INTERCEPTORS, useClass: AuthInterceptor, multi: true },
3  ],

Versions

Current Version is Version 19.x

License

MIT

Authors

No vulnerabilities found.

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

5

Maintained

Determines if the project is "actively maintained".

5

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/deploy-docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/deploy-docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/deploy-docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/damienbod/angular-auth-oidc-client/deploy-docs.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:121
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:132
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:161
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:172
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:201
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:211
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:216
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:245
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:256
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:81
Warn: npmCommand not pinned by hash: .github/workflows/build.yml:92
Warn: npmCommand not pinned by hash: .github/workflows/deploy-docs.yml:29
Warn: npmCommand not pinned by hash: .github/workflows/deploy-docs.yml:32
Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 4 third-party GitHubAction dependencies pinned
Info: 1 out of 14 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

40 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-f7f6-9jq7-3rqj
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
Warn: Project is vulnerable to: GHSA-859w-5945-r5v3

Score

4.5

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More