ServiceAuthorizationClient Class

Utility to generate OIDC/OAuth tokens for service or service applications

  • The application must register a client using the self service registration page.
  • The client type must be "service"
  • Use the Client Id/Client Secret/Scopes to create the service configuration that's passed in.
  • Ensure the application can access the iTwin Project/Asset - in production environments, this is done by using the iTwin project portal to add add the email {Client Id} as an authorized user with the appropriate role that includes the required access permissions.



Name Description
constructor(serviceConfiguration: ServiceAuthorizationClientConfiguration): ServiceAuthorizationClient    
getAccessToken(): Promise<string> Returns a promise that resolves to the AccessToken of the currently authorized client.  


Name Type Description
_configuration Protected ServiceAuthorizationClientConfiguration    
hasExpired Accessor ReadOnly boolean Set to true if the user has signed in, but the token has expired and requires a refresh  
hasSignedIn Accessor ReadOnly boolean Set to true if signed in - the accessToken may be active or may have expired and require a refresh  
isAuthorized Accessor ReadOnly boolean Set to true if there's a current authorized user or client (in the case of service applications).  

Defined in

Last Updated: 13 May, 2024