Class: OAuthStrategy
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:123
OAuth 2.0 Client Credentials authentication strategy.
Implements the client credentials flow for automated/server-side authentication with no user interaction required. Automatically manages token caching, expiration, and 401 retry logic with single-flight token requests to prevent thundering herd on the token endpoint.
Example
import { OAuthStrategy } from '@salesforce/b2c-tooling-sdk';

const auth = new OAuthStrategy({
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  scopes: ['sfcc.products'],
});

const response = await auth.fetch('https://api.example.com/products');
Implements
Constructors
Constructor
new OAuthStrategy(config): OAuthStrategy
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:133
Creates a new OAuthStrategy instance with the provided OAuth configuration.
Parameters
config
OAuth client credentials and optional configuration
Returns
OAuthStrategy
Methods
fetch()
fetch(url, init): Promise<Response>
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:155
Performs a fetch request with OAuth bearer token authentication.
Automatically injects the Authorization header and client ID header with a valid access token. Implements 401 retry logic: if a previously-successful request returns 401, invalidates the cached token and retries once with a fresh token. Does not retry on initial 401 to avoid retrying with bad credentials.
Parameters
url
string
The URL to fetch
init
FetchInit = {}
Optional fetch init options (headers, body, method, etc.)
Returns
Promise<Response>
The fetch response
Implementation of
getAuthorizationHeader()
getAuthorizationHeader(): Promise<string>
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:182
Optional: Helper for legacy clients (like a strict WebDAV lib) that need the raw header.
Returns
Promise<string>
Implementation of
AuthStrategy.getAuthorizationHeader
getJWT()
getJWT(): Promise<DecodedJWT>
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:190
Gets the decoded JWT payload.
Returns
Promise<DecodedJWT>
getTokenResponse()
getTokenResponse(): Promise<AccessTokenResponse>
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:199
Gets the full token response including expiration and scopes. Useful for commands that need to display or return token metadata.
Returns
Promise<AccessTokenResponse>
invalidateToken()
invalidateToken(): void
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:214
Invalidates the cached token, forcing re-authentication on the next request.
Returns
void
Implementation of
withAdditionalScopes()
withAdditionalScopes(additionalScopes): OAuthStrategy
Defined in: packages/b2c-tooling-sdk/src/auth/oauth.ts:225
Creates a new OAuthStrategy with additional scopes merged in. Used by clients that have specific scope requirements.
Parameters
additionalScopes
string[]
Scopes to add to this strategy's existing scopes
Returns
OAuthStrategy
A new OAuthStrategy instance with merged scopes
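The token caching, single-flight token request and 401 retry rule described for the class and for fetch() can be sketched as follows. This is an added example, not the SDK's own code: `TokenCache`, `requestToken`, `send`, `fetchWithAuth` and `stubTokenEndpoint` are hypothetical names, and the token endpoint is an in-memory stub.

```typescript
// Added sketch, not the SDK's code. All names here are hypothetical.
type Token = { value: string; expiresAt: number };
type Send = (bearer: string) => Promise<number>; // resolves to an HTTP status

class TokenCache {
  private token: Token | null = null;
  private inFlight: Promise<Token> | null = null;
  private hadSuccess = false; // the cached token has been accepted at least once
  private requestToken: () => Promise<Token>;
  constructor(requestToken: () => Promise<Token>) { this.requestToken = requestToken; }

  // Single-flight: concurrent callers share one pending token request.
  getToken(): Promise<Token> {
    if (this.token && this.token.expiresAt > Date.now()) return Promise.resolve(this.token);
    let pending = this.inFlight;
    if (!pending) {
      pending = this.inFlight = this.requestToken().then(
        (t) => { this.token = t; this.inFlight = null; return t; },
        (e) => { this.inFlight = null; throw e; },
      );
    }
    return pending;
  }

  invalidate(): void {
    this.token = null;
    this.hadSuccess = false;
  }

  // Retry once on 401 only when this token worked before (expired or revoked).
  // A 401 on first use points at bad credentials, so it is returned as-is.
  async fetchWithAuth(send: Send): Promise<number> {
    let status = await send((await this.getToken()).value);
    if (status === 401 && this.hadSuccess) {
      this.invalidate();
      status = await send((await this.getToken()).value);
    }
    if (status !== 401) this.hadSuccess = true;
    return status;
  }
}

// Constructed stand-in for the token endpoint; counts how often it is called.
function stubTokenEndpoint() {
  const stats = { calls: 0 };
  const request = async (): Promise<Token> =>
    ({ value: "tok-" + ++stats.calls, expiresAt: Date.now() + 60000 });
  return { stats, request };
}
```

Because a 401 on a token that has never been accepted is not retried, a misconfigured client secret produces one failed call rather than a loop of token requests.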