Interface WWWAuthenticateChallenge

Parsed WWW-Authenticate challenge (RFC 9110 §11.6.1, RFC 6750, RFC 9728).

Only the fields most relevant to OAuth diagnostics are surfaced; unknown auth-params are preserved under params so callers can inspect them.

interface WWWAuthenticateChallenge {
    scheme: string;
    realm?: string;
    error?: string;
    error_description?: string;
    scope?: string;
    resource_metadata?: string;
    params: Record<string, string>;
}

Index

Properties

scheme realm? error? error_description? scope? resource_metadata? params

Properties

scheme

scheme: string

Auth-scheme token, e.g. "Bearer" or "DPoP". Always lowercased.

`Optional`realm

realm?: string

realm auth-param, if present.

`Optional`error

error?: string

error auth-param (RFC 6750 §3), e.g. "invalid_token".

`Optional`error_description

error_description?: string

error_description auth-param (RFC 6750 §3).

`Optional`scope

scope?: string

scope auth-param (RFC 6750 §3).

`Optional`resource_metadata

resource_metadata?: string

resource_metadata auth-param (RFC 9728 §5.3) — URL of the protected-resource metadata document.

params

params: Record<string, string>

All auth-params (lowercased keys), including unknown ones.

Interface WWWAuthenticateChallenge

Index

Properties

Properties

scheme

`Optional`realm

`Optional`error

`Optional`error_description

`Optional`scope

`Optional`resource_metadata

params

Settings

On This Page

Interface WWWAuthenticateChallenge

Index

Properties

Properties

scheme

Optionalrealm

Optionalerror

Optionalerror_description

Optionalscope

Optionalresource_metadata

params

Settings

On This Page

`Optional`realm

`Optional`error

`Optional`error_description

`Optional`scope

`Optional`resource_metadata