VerifyAssertionResponse
import type { VerifyAssertionResponse } from "https://googleapis.deno.dev/v1/identitytoolkit:v3.ts";
Response of verifying the IDP assertion.
§Properties
The opaque value used by the client to maintain context info between the authentication request and the IDP callback.
The email returned by the IdP. NOTE: The federated login user may not own the email.
The value is true if the IDP is also the email provider. It means the user owns the email.
If idToken is STS id token, then this field will be expiration time of STS id token in seconds.
It's the identifier param in the createAuthUri request if the identifier is an email. It can be used to check whether the user input email is different from the asserted email.
The RP local ID if it's already been mapped to the IdP account identified by the federated ID.
Whether the assertion is from a non-trusted IDP and need account linking confirmation.
The original email stored in the mapping storage. It's returned when the federated ID is associated to a different email.
The IdP ID. For white listed IdPs it's a short domain name e.g. google.com, aol.com, live.net and yahoo.com. If the "providerId" param is set to OpenID OP identifer other than the whilte listed IdPs the OP identifier is returned. If the "identifier" param is federated ID in the createAuthUri request. The domain part of the federated ID is returned.