npm - @drmhse/sso-sdk - Versions diffs - 0.5.3 → 0.5.5 - Mend

@drmhse/sso-sdk 0.5.3 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md CHANGED Viewed

@@ -91,6 +91,26 @@ const result = await sso.serviceApi.requestProviderToken({
 });
 ```
+### Enterprise-managed authorization
+For MCP and Cross-App Access style flows, exchange a service-scoped AuthOS JWT
+for an ID-JAG, then redeem it for a resource-scoped bearer token:
+```ts
+const idJag = await sso.auth.enterprise.requestIdJag({
+  client_id: 'service-client-id',
+  audience: 'https://auth.example.com',
+  resource: 'https://api.example.com/mcp',
+  subject_token: serviceAccessToken,
+});
+const resourceToken = await sso.auth.enterprise.exchangeIdJag({
+  client_id: 'service-client-id',
+  client_secret: process.env.AUTHOS_SERVICE_CLIENT_SECRET!,
+  assertion: idJag.access_token,
+});
+```
 ## Feature highlights
 - Password, OAuth, magic-link, passkey, MFA, and device-flow authentication
@@ -98,6 +118,7 @@ const result = await sso.serviceApi.requestProviderToken({
 - Linked accounts and provider-token request completion flows
 - Organization, service, analytics, audit-log, and platform-owner APIs
 - Service API helpers including backend-only provider token retrieval
+- Enterprise-managed authorization helpers for ID-JAG resource access
 ## Canonical references