Verifies a token and returns the associated credentials.
Optionaloptions: { allowLimitedAccess?: boolean }OptionalallowLimitedAccess?: booleanIf set to true, allow limited access tokens (such as cookies).
If this flag is not set, or is set to false, calls with limited access tokens will lead to a @backstage/errors#NotAllowedError being thrown.
Issue a limited user token that can be used e.g. in cookie flows.
The credentials that this token should represent. Must be a user principal. Commonly the output of HttpAuthService.credentials is used as the input.
Create a credentials object that represents an unauthenticated caller.
Create a credentials object that represents the current service itself.
Issue a token that can be used for authenticating calls towards other backend plugins.
The credentials of the originator of the request.
This is most commonly the result of AuthService.getOwnServiceCredentials when the current service is the originator, or the output of HttpAuthService.credentials when performing requests on behalf of an incoming request identity.
The ID of the plugin that the request is being made to.
Checks if the given credentials are of the given type, and narrows the TypeScript type accordingly if there's a match.
Retrieve the public keys that have been used to sign tokens that were issued by this service. This list is periodically pruned from keys that are significantly past their expiry.
Provides token authentication and credentials management.
See the service documentation for more details.