Ability to bypass the AuthHttpInterceptor on a per-request basis

[iragsdale]

Checklist

• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

I have some requests that I'd like to bypass the Auth0 AuthHttpInterceptor, and skipping them by matching on URL string using a uriMatcher in the configuration isn't ideal.

It is possible to match these endpoints by their URL strings, but that requires configuring the interceptor in a completely separate area of code from where this is necessary, making the code difficult to understand. And while our current use case doesn't require the ability to do that based on any other state, I could easily imagine a situation where we might want to skip the interceptor based on some condition other than the URL of the endpoint in use.

Describe the ideal solution

Ideally it would be possible to mark a request to be skipped by adding an HttpContextToken to the request context, as described here: https://bradleycarey.com/posts/bypass-angular-interceptor/. This would take just a few lines of code, would be easy to test, and solves the problem in a very simple way.

If the maintainers are interested in adding this functionality, I might be willing to create a PR myself.

Alternatives and current workarounds

It would certainly be possible for us to implement this on our own by wrapping the AuthHttpInterceptor in our own interceptor, and I've considered doing that instead of URL matching. If the maintainers of this library would prefer not to build this in, we may end up doing that for our app in the future. But this seems like such a simple and powerful improvement to the functionality of the base library that I'd like to avoid having to do that.

Additional context

No response

[jgbpercy]

It's great that this library exist and provides an official, blessed way to use Auth0 from Angular, but I agree the library interceptor should absolutely have an associated context token. HttpContextToken has been in Angular only slightly less time than this library has existed and suggesting HttpBackend hacks as the official way to avoid the interceptor on unauthenticated initialization calls does make me question migrating away from our current custom wrapper for auth0-spa-js.