---
editLink: false
lastUpdated: false
---

[@salesforce/b2c-tooling-sdk](../../modules.md) / [auth](../index.md) / resolveAuthStrategy

# Function: resolveAuthStrategy()

> **resolveAuthStrategy**(`credentials`, `options`): [`AuthStrategy`](../interfaces/AuthStrategy.md)

Defined in: [packages/b2c-tooling-sdk/src/auth/resolve.ts:160](https://github.com/SalesforceCommerceCloud/b2c-developer-tooling/blob/e7c16f1ae423da0aa47b3e10be88f9770b53619b/packages/b2c-tooling-sdk/src/auth/resolve.ts#L160)

Resolves and creates the appropriate auth strategy based on credentials and allowed methods.

Iterates through allowed methods in priority order and returns the first strategy
for which the required credentials are available.

## Parameters

### credentials

[`AuthCredentials`](../interfaces/AuthCredentials.md)

The available credentials

### options

[`ResolveAuthStrategyOptions`](../interfaces/ResolveAuthStrategyOptions.md) = `{}`

Resolution options (allowed methods, etc.)

## Returns

[`AuthStrategy`](../interfaces/AuthStrategy.md)

The resolved auth strategy

## Throws

Error if no allowed method has the required credentials

## Example

```typescript
import { resolveAuthStrategy } from '@salesforce/b2c-tooling-sdk';

// Will use client-credentials if secret is available, otherwise implicit
const strategy = resolveAuthStrategy({
  clientId: 'my-client-id',
  clientSecret: process.env.CLIENT_SECRET, // may be undefined
  scopes: ['sfcc.products'],
});

// Force implicit auth only
const implicitStrategy = resolveAuthStrategy(
  { clientId: 'my-client-id' },
  { allowedMethods: ['implicit'] }
);

// Use the strategy
const response = await strategy.fetch('https://example.com/api');
```