@lancedb/lancedb • Docs
@lancedb/lancedb / NativeOAuthConfig
Interface: NativeOAuthConfig¶
OAuth configuration for LanceDB authentication.
This is the generated napi-rs binding shape. TypeScript users should prefer
the public OAuthConfig type exported from @lancedb/lancedb.
All token acquisition and refresh is handled in the Rust layer.
Properties¶
clientId¶
Application / Client ID.
clientSecret?¶
Client secret (required for client_credentials).
flow?¶
Authentication flow: "client_credentials" or "azure_managed_identity"
issuerUrl¶
OIDC issuer URL or OAuth authority URL.
For Azure: https://login.microsoftonline.com/{tenant_id}/v2.0
managedIdentityClientId?¶
Client ID for user-assigned managed identity (azure_managed_identity).
refreshBufferSecs?¶
Seconds before expiry to trigger proactive refresh (default: 300). Keep this well below the token TTL; if it is greater than or equal to the TTL, each request refreshes the token.
scopes¶
OAuth scopes to request. For Azure managed identity, exactly one scope
or resource is required. For example: ["api://{app_id}/.default"]