{"id":16720,"library":"ember-simple-auth-oidc","title":"Ember Simple Auth OpenID Connect Addon","description":"ember-simple-auth-oidc is an Ember.js addon that integrates OpenID Connect (OIDC) Authorization Code Flow into applications utilizing Ember Simple Auth. It provides an `OIDCAuthenticationRoute` for handling authentication, OIDC-aware adapters (`OIDCJSONAPIAdapter`, `OIDCRESTAdapter`) for Ember Data, and middleware for `@ember-apollo-client` to manage authorization headers and token refreshing. The package is actively maintained, with version 7.4.1 being the current stable release as of February 2026, and typically sees monthly or bi-monthly updates for bug fixes and minor features. It supports Ember.js v4.12+, Ember CLI v4.12+, Node.js v18+, and Ember Simple Auth v6+, offering robust OIDC compliance and seamless integration into the Ember ecosystem.","status":"active","version":"7.4.1","language":"javascript","source_language":"en","source_url":"https://github.com/adfinis/ember-simple-auth-oidc","tags":["javascript","ember-addon"],"install":[{"cmd":"npm install ember-simple-auth-oidc","lang":"bash","label":"npm"},{"cmd":"yarn add ember-simple-auth-oidc","lang":"bash","label":"yarn"},{"cmd":"pnpm add ember-simple-auth-oidc","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Core authentication library this addon extends.","package":"ember-simple-auth","optional":false},{"reason":"Required for Ember Data adapter extensions like OIDCJSONAPIAdapter.","package":"ember-data","optional":false},{"reason":"Fundamental Ember.js dependency.","package":"ember-source","optional":false},{"reason":"Peer dependency for integration with ember-apollo-client for GraphQL authorization.","package":"@apollo/client","optional":true},{"reason":"Build-time macros for Embroider compatibility.","package":"@embroider/macros","optional":false},{"reason":"Required for Ember Data adapter extensions.","package":"@ember-data/adapter","optional":false},{"reason":"Aids in ensuring tests wait for asynchronous operations.","package":"@ember/test-waiters","optional":false}],"imports":[{"note":"Ember addons primarily use ES Modules; CommonJS `require` is not supported for routes.","wrong":"const OIDCAuthenticationRoute = require('ember-simple-auth-oidc/routes/oidc-authentication');","symbol":"OIDCAuthenticationRoute","correct":"import OIDCAuthenticationRoute from 'ember-simple-auth-oidc/routes/oidc-authentication';"},{"note":"This is a default export from its specific path, not a named export from the root package.","wrong":"import { OIDCJSONAPIAdapter } from 'ember-simple-auth-oidc/adapters/oidc-json-api-adapter';","symbol":"OIDCJSONAPIAdapter","correct":"import OIDCJSONAPIAdapter from 'ember-simple-auth-oidc/adapters/oidc-json-api-adapter';"},{"note":"The `apolloMiddleware` utility is a named export directly from the root package.","wrong":"import apolloMiddleware from 'ember-simple-auth-oidc/utils/apollo-middleware';","symbol":"apolloMiddleware","correct":"import { apolloMiddleware } from 'ember-simple-auth-oidc';"}],"quickstart":{"code":"/* config/environment.js */\nmodule.exports = function (environment) {\n  let ENV = {\n    modulePrefix: 'my-app',\n    environment,\n    rootURL: '/',\n    locationType: 'history',\n    EmberENV: {\n      FEATURES: {},\n      EXTEND_PROTOTYPES: {\n        Date: false\n      }\n    },\n    APP: {\n      // Here you can pass flags/options to your application instance\n      // when it is created\n    },\n    'ember-simple-auth': {\n      authenticationRoute: 'login'\n    },\n    'ember-simple-auth-oidc': {\n      clientId: process.env.OIDC_CLIENT_ID ?? 'my-oidc-client',\n      issuer: process.env.OIDC_ISSUER ?? 'https://my-auth-server.com/realms/my-realm',\n      redirectUri: process.env.OIDC_REDIRECT_URI ?? 'http://localhost:4200/login',\n      scope: 'openid profile email',\n      responseType: 'code',\n      postLogoutRedirectUri: process.env.OIDC_LOGOUT_URI ?? 'http://localhost:4200/',\n      tokenEndpoint: process.env.OIDC_TOKEN_ENDPOINT ?? 'https://my-auth-server.com/realms/my-realm/protocol/openid-connect/token',\n      logoutEndpoint: process.env.OIDC_LOGOUT_ENDPOINT ?? 'https://my-auth-server.com/realms/my-realm/protocol/openid-connect/logout'\n    }\n  };\n\n  return ENV;\n};\n\n/* app/routes/login.js */\nimport OIDCAuthenticationRoute from \"ember-simple-auth-oidc/routes/oidc-authentication\";\n\nexport default class LoginRoute extends OIDCAuthenticationRoute {}\n\n/* app/routes/protected.js */\nimport Route from \"@ember/routing/route\";\nimport { service } from \"@ember/service\";\n\nexport default class ProtectedRoute extends Route {\n  @service session;\n\n  async beforeModel(transition) {\n    await this.session.requireAuthentication(transition, \"login\");\n  }\n}\n\n/* app/adapters/application.js */\nimport { service } from \"@ember/service\";\nimport OIDCJSONAPIAdapter from \"ember-simple-auth-oidc/adapters/oidc-json-api-adapter\";\n\nexport default class ApplicationAdapter extends OIDCJSONAPIAdapter {\n  @service session;\n\n  get headers() {\n    return { ...this.session.headers, \"Content-Language\": \"en-us\" };\n  }\n}\n\n// Example for Apollo client integration (optional)\n/* app/services/apollo.js */\n// import { service } from \"@ember/service\";\n// import ApolloService from \"ember-apollo-client/services/apollo\";\n// import { apolloMiddleware } from \"ember-simple-auth-oidc\";\n\n// export default class CustomApolloService extends ApolloService {\n//   @service session;\n\n//   link() {\n//     const httpLink = super.link();\n//     return apolloMiddleware(httpLink, this.session);\n//   }\n// }","lang":"javascript","description":"This quickstart demonstrates the core setup for `ember-simple-auth-oidc`, including environment configuration, defining an authentication route, securing a protected route, and integrating with Ember Data for authenticated API requests. It also shows an optional setup for Apollo Client integration."},"warnings":[{"fix":"Consult the official migration guide at `docs/migration-v4.md` within the package repository for necessary code changes.","message":"When upgrading from version 3.x to 4.x, significant changes were introduced requiring migration. Refer to the `docs/migration-v4.md` guide for detailed instructions on updating your application.","severity":"breaking","affected_versions":">=4.0.0"},{"fix":"Include a JavaScript Proxy polyfill in your Ember application if supporting older browsers without native Proxy implementation.","message":"The addon utilizes JavaScript Proxies, which may not be supported in older browsers like Internet Explorer. If IE support is a requirement, a polyfill for Proxy objects must be provided by the application.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Review custom configurations or service extensions that might be targeting the old config service name and update them accordingly.","message":"The internal configuration service was renamed in v7.3.1 to avoid naming collisions. While internal, applications overriding or directly extending internal addon services might be affected.","severity":"deprecated","affected_versions":">=7.3.1"},{"fix":"Ensure you are on `v7.2.0` or newer to benefit from improved autodiscovery stability. If manually configuring, verify all endpoints are correctly specified.","message":"Prior to version 7.2.0, autodiscovery of the OIDC provider's configuration via the `.well-known` endpoint had issues, particularly with awaiting the fetching of this configuration in `beforeModel` and `afterModel` hooks, potentially leading to race conditions.","severity":"gotcha","affected_versions":"<7.2.0"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"Ensure all protected routes call `await this.session.requireAuthentication(transition, 'login');` in their `beforeModel` hook, and that the `login` route extends `OIDCAuthenticationRoute`.","cause":"An unauthenticated user attempted to access a protected route without being redirected to the login route, or `session.requireAuthentication` was not awaited.","error":"Error: Assertion Failed: The session is not authenticated."},{"fix":"Verify the correct import path and style (named vs. default export) from the package documentation. Use `import ... from '...'` syntax for Ember addons.","cause":"Attempting to import a symbol with the wrong import style (e.g., named vs. default) or from an incorrect path, or using CommonJS `require()` syntax with an ESM-only addon.","error":"Failed to compile: Error: Module 'ember-simple-auth-oidc' does not contain an export named 'SomeSymbol'"},{"fix":"Ensure your application adapter extends `OIDCJSONAPIAdapter` or `OIDCRESTAdapter` and that your `headers` getter includes `...this.session.headers`. Also, confirm that `tokenEndpoint` and `issuer` configurations in `config/environment.js` are correct.","cause":"Issues with `access_token` not being refreshed before an Ember Data request, incorrect `headers` configuration, or misconfigured OIDC endpoints.","error":"401 Unauthorized or CORS error during token refresh or API calls."}],"ecosystem":"npm"}