When negotiating TLS-PSK (pre-shared keys), this function is called with optional identity hint provided by the server or null in case of TLS 1.3 where hint was removed. It will be necessary to provide a custom tls.checkServerIdentity() for the connection as the default one will try to check hostname/IP of the server against the certificate but that's not applicable for PSK because there won't be a certificate present. More information can be found in the RFC 4279.
method
tls.ConnectionOptions.pskCallback
hint: null | string
@param hint
message sent from the server to help client decide which identity to use during negotiation. Always null if TLS 1.3 is used.
@returns
Return null to stop the negotiation process. psk must be compatible with the selected cipher's digest. identity must use UTF-8 encoding.