[Feature]: Per-request OAuth2 auth override #5
Description
Problem Statement
When building backend services that call the Roblox Open Cloud on behalf of many users, each with their own OAuth2 token, the SDK currently only supports a single global auth configuration. This makes it difficult to handle requests for multiple users efficiently without reconstructing the entire OpenCloud client per request.
Proposed Solution
Introduce a per-call auth override parameter to all resource methods and the underlying HttpClient.
This would allow developers to reuse a single OpenCloud instance while providing user-specific OAuth2 credentials (or API keys) on each call.
Proposed API Design
// Reuse a single client instance (shared base URL, retry config)
const client = new OpenCloud();
// Each request uses the caller's access token:
app.get("/me/groups", async (req, res) => {
const accessToken = req.headers["x-user-token"] as string;
const auth = { kind: "oauth2", accessToken };
const memberships = await oc.groups.listMemberships("123456", { maxPageSize: 50 }, { auth });
res.json(memberships);
});Alternatives Considered
- Creating a new
OpenCloudinstance per user request (inefficient and unnecessary object churn). - Manually injecting Authorization headers outside the SDK (breaks retry and auth-refresh behavior).
Is this related to a Roblox Open Cloud API endpoint?
No - SDK improvement
Roblox API Documentation Link
No response
Additional Context
No response
Checklist
- I have searched for similar feature requests before opening this one
- I have checked the documentation to ensure this feature doesn't already exist
- I am willing to contribute a PR for this feature