{"id":18109,"library":"angular-auth-oidc-client","title":"angular-auth-oidc-client","description":"Angular library for OpenID Connect and OAuth2 authentication. Version 21.0.1 supports Angular 20+. Certified by OpenID Foundation, implements Code Flow with PKCE, Implicit Flow, Session Management, Token Revocation, and Pushed Authorisation Requests. Ships TypeScript types and supports schematics via ng add. Active development with frequent releases following Angular versions. Differentiator: full OIDC certification and comprehensive Angular integration including guards, interceptors, and session management.","status":"active","version":"21.0.1","language":"javascript","source_language":"en","source_url":"https://github.com/damienbod/angular-auth-oidc-client","tags":["javascript","angular","oidc","oauth2","openid","security","typescript","openidconnect","auth"],"install":[{"cmd":"npm install angular-auth-oidc-client","lang":"bash","label":"npm"},{"cmd":"yarn add angular-auth-oidc-client","lang":"bash","label":"yarn"},{"cmd":"pnpm add angular-auth-oidc-client","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Peer dependency for Angular integration","package":"@angular/core","optional":false},{"reason":"Peer dependency for Angular common utilities","package":"@angular/common","optional":false},{"reason":"Peer dependency for Angular routing and guards","package":"@angular/router","optional":false},{"reason":"Peer dependency for reactive programming","package":"rxjs","optional":false}],"imports":[{"note":"Named export. ForRoot configuration required.","wrong":"import AuthModule from 'angular-auth-oidc-client'","symbol":"AuthModule","correct":"import { AuthModule } from 'angular-auth-oidc-client'"},{"note":"Type for configuration object.","wrong":"import { OidcConfig } from 'angular-auth-oidc-client'","symbol":"OidcConfiguration","correct":"import { OidcConfiguration } from 'angular-auth-oidc-client'"},{"note":"Main service for authentication operations.","wrong":"import { AuthService } from 'angular-auth-oidc-client/src/auth.service'","symbol":"AuthService","correct":"import { AuthService } from 'angular-auth-oidc-client'"},{"note":"Enum for log level configuration.","wrong":null,"symbol":"LogLevel","correct":"import { LogLevel } from 'angular-auth-oidc-client'"},{"note":"Deprecated alias for AuthService since v20.","wrong":"import { OidcSecurityService } from 'angular-auth-oidc-client/src/oidc-security.service'","symbol":"OidcSecurityService","correct":"import { OidcSecurityService } from 'angular-auth-oidc-client'"},{"note":"Type for authentication result. Exported since v20.0.1.","wrong":"import { AuthResult } from 'angular-auth-oidc-client/auth-helper'","symbol":"AuthResult","correct":"import { AuthResult } from 'angular-auth-oidc-client'"}],"quickstart":{"code":"import { NgModule } from '@angular/core';\nimport { AuthModule, LogLevel } from 'angular-auth-oidc-client';\n\n@NgModule({\n  imports: [\n    AuthModule.forRoot({\n      config: {\n        authority: 'https://your-identity-server.com',\n        redirectUrl: window.location.origin + '/callback',\n        clientId: 'your-client-id',\n        scope: 'openid profile email offline_access',\n        responseType: 'code',\n        silentRenew: true,\n        useRefreshToken: true,\n        logLevel: LogLevel.Debug,\n        secureRoutes: ['/api', '/protected'],\n      },\n    }),\n  ],\n  providers: [],\n})\nexport class AppModule {};\n\n// In component:\nimport { Component } from '@angular/core';\nimport { AuthService } from 'angular-auth-oidc-client';\n\n@Component({ selector: 'app-root', template: '<button (click)=\"login()\">Login</button>' })\nexport class AppComponent {\n  constructor(private authService: AuthService) {}\n\n  login(): void {\n    this.authService.authorize();\n  }\n}","lang":"typescript","description":"Shows basic configuration of AuthModule with forRoot and a simple login button in a component."},"warnings":[{"fix":"Set config.strictWellKnownIssuerValidation = false if your IDP is misconfigured.","message":"Since v20.0.0, strict issuer validation is enabled by default. This may break connections to OIDC providers with mismatched issuer.","severity":"breaking","affected_versions":">=20.0.0"},{"fix":"Use AuthService instead.","message":"OidcSecurityService is deprecated since v20.0.0 and scheduled for removal.","severity":"breaking","affected_versions":">=20.0.0"},{"fix":"Upgrade to v20.0.1 or later.","message":"AuthResult type was missing in v20.0.0 export. Re-exported in v20.0.1.","severity":"deprecated","affected_versions":"20.0.0"},{"fix":"Use config.storage = localStorage if needed, or implement custom storage.","message":"The library uses sessionStorage by default unless configured otherwise. Clearing browser storage may log users out unexpectedly.","severity":"gotcha","affected_versions":"all"},{"fix":"Enable PKCE (default) unless your IDP does not support it.","message":"If you disable PKCE with disablePkce=true, but the IDP requires PKCE, authentication will fail.","severity":"gotcha","affected_versions":"all"},{"fix":"Consider using popup or refresh token flow instead.","message":"Silent renew iframe may not work in some browsers due to third-party cookie restrictions.","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Ensure AuthModule.forRoot() is imported in your AppModule.","cause":"AuthService not properly injected, possibly due to missing AuthModule.forRoot.","error":"TypeError: Cannot read properties of undefined (reading 'authorize')"},{"fix":"Check the configId parameter matches the one defined in AuthModule.forRoot().","cause":"Providing a configId in authorize() that does not match any configuration.","error":"Error: Configuration 'your-config-id' not found."},{"fix":"Set strictWellKnownIssuerValidation: false in config or correct the authority URL.","cause":"OIDC well-known endpoint returns an issuer mismatch.","error":"Error: The issuer is not valid (strict issuer validation)."},{"fix":"Check the isAuthenticated flag in AuthResult before accessing token properties.","cause":"AuthResult not handled correctly; access_token may be undefined if authentication failed.","error":"ERROR Error: Uncaught (in promise): TypeError: Cannot read properties of undefined (reading 'access_token')"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}