Skip to content

@lancedb/lancedbDocs


@lancedb/lancedb / NativeOAuthConfig

Interface: NativeOAuthConfig

OAuth configuration for LanceDB authentication.

This is the generated napi-rs binding shape. TypeScript users should prefer the public OAuthConfig type exported from @lancedb/lancedb.

All token acquisition and refresh is handled in the Rust layer.

Properties

clientId

clientId: string;

Application / Client ID.


clientSecret?

optional clientSecret: string;

Client secret (required for client_credentials).


flow?

optional flow: string;

Authentication flow: "client_credentials" or "azure_managed_identity"


issuerUrl

issuerUrl: string;

OIDC issuer URL or OAuth authority URL. For Azure: https://login.microsoftonline.com/{tenant_id}/v2.0


managedIdentityClientId?

optional managedIdentityClientId: string;

Client ID for user-assigned managed identity (azure_managed_identity).


refreshBufferSecs?

optional refreshBufferSecs: number;

Seconds before expiry to trigger proactive refresh (default: 300). Keep this well below the token TTL; if it is greater than or equal to the TTL, each request refreshes the token.


scopes

scopes: string[];

OAuth scopes to request. For Azure managed identity, exactly one scope or resource is required. For example: ["api://{app_id}/.default"]