Docs/Add Hardware-Backed Sign-In to Your Application/ Angular (angular-auth-oidc-client)
View as .md

Angular (angular-auth-oidc-client)

See the Applications overview for prerequisites, configuration endpoints, and available scopes.

angular-auth-oidc-client is a certified OpenID Connect library for Angular. Key configuration:

  • No client secret needed (public client with PKCE, enabled by default)
  • Vouch does not issue refresh tokens — redirect the user to sign in again when the token expires
  • Set autoUserInfo: true for automatic userinfo fetching
  • Use OidcSecurityService.checkAuth() to get { isAuthenticated, userData, accessToken }
  • The hardware attestation claim (hardware_verified) is in the access token JWT — decode with atob(token.split('.')[1]) after base64url character replacement

Example

spa/angular — Complete working example with angular-auth-oidc-client, PKCE, and hardware claim extraction.