Does passport.js support 'Client Credentials Flow'?

Question

I am creating a node.js webapp to access GettyImages API using 'Client Credentials Flow'

Does passport.js support it? if yes, how can I implement that?

Answer 1

passport is typically used to authenticate users on your web site. If your (web) app is calling an external API (e.g. gettyimages), and it is authenticating itself to such external system, then you probably don't need it (and won't need any framework either). The client credential flow is a simple POST:

This is taken from their docs:

POST https://api.gettyimages.com/oauth2/token HTTP/1.1
Host: api.gettyimages.com
Content-Type: application/x-www-form-urlencoded

client_id=abc123&client_secret=yoursecret&grant_type=client_credentials

Full docs here

Answer 2

The previous answer by @eugenio-pace is 6 years old, and since then a bunch of things have changed.

Regarding access to GettyImages API with client credentials you can either:

1. Still make a direct API call. This example (though in Python) shows how.
2. Use a GettyImages client SDK for your language. There are a number of them, but here in gettyimages-api_nodejs client credentials are explained for NodeJS.

Using option 2 above you can continue to work with the API client. If client credentials were obtained by a REST call you can use PassportJS with the passport-oauth2 to build your access logic.

PassportJS comes with many Strategies nowadays and it is worth checking first to see if other alternatives are a better choice for you.

---

Cool thing is that if you want to build a full OAuth2 provider solution then PassportJS can facilitate you too. Client credentials in that case are provided through the passport-oauth2-client-password strategy (based on oauth2orize) and is demonstrated in this example.

Another popular package to implement an OAuth server besides oauth2orize is oauth2-server.