JWT-serialized access token
Optional
dpopDPoP key to which the access token, and potentially the refresh token, are bound.
Optional
expiresExpiration of the access token.
Optional
expiresExpiresAt should be computed from expiresIn when receiving the token.
Optional
idJWT-serialized id token
Optional
refreshRefresh token (not necessarily a JWT)
Optional
tokenUsually "Bearer"
Optional
webURL identifying the subject of the ID token.
Based on openid-client's TokenSetParameters. Re-creating the type allows not to depend on the Node-specific library at the environment-agnostic level.