Interface CredentialStore

Pluggable credential persistence. The default is an in-memory store scoped to the provider instance. Browser adapters (sessionStorageCredentialStore, localStorageCredentialStore) are explicit opt-in because Web Storage is readable by any script on the origin (XSS exfiltration risk) — see docs/auth.md.

Keys are namespaced per origin/service by the provider so tokens for one service are never returned for another.

interface CredentialStore {
    delete(key: string): void | Promise<void>;
    get(key: string): undefined | StoredCredential | Promise<undefined | StoredCredential>;
    set(key: string, value: StoredCredential): void | Promise<void>;
}

Implemented by

Methods

Methods