Skip to main content
Version: Next

AuthService

Home > @backstage/backend-plugin-api > AuthService

Provides token authentication and credentials management.

See the service documentation for more details.

Signature:

export interface AuthService 

Methods

Method

Description

authenticate(token, options)

Verifies a token and returns the associated credentials.

getLimitedUserToken(credentials)

Issue a limited user token that can be used e.g. in cookie flows.

getNoneCredentials()

Create a credentials object that represents an unauthenticated caller.

getOwnServiceCredentials()

Create a credentials object that represents the current service itself.

getPluginRequestToken(options)

Issue a token that can be used for authenticating calls towards other backend plugins.

isPrincipal(credentials, type)

Checks if the given credentials are of the given type, and narrows the TypeScript type accordingly if there's a match.

listPublicServiceKeys()

Retrieve the public keys that have been used to sign tokens that were issued by this service. This list is periodically pruned from keys that are significantly past their expiry.