Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/oktadev/okta-node-express-15-minute-auth-example

Secure Authentication with Express and Okta
https://github.com/oktadev/okta-node-express-15-minute-auth-example

auth authentication express nodejs

Last synced: about 2 months ago
JSON representation

Secure Authentication with Express and Okta

Awesome Lists containing this project

README 

        
# Example of Simple Authentication in Express



This is an example of a simple web site with secure user authentication that can be built in 15 minutes using Express and Okta.



**Prerequisites**: [Node.js](https://nodejs.org/en/).



## Getting Started



To install this example application, run the following commands:



```bash

git clone [email protected]:oktadeveloper/okta-node-express-15-minute-auth-example.git

cd okta-node-express-15-minute-auth-example

npm install

```



This will install a local copy of the project. You will need to set up some environment variables before the app will run properly.



To integrate Okta's Identity Platform for user authentication, you'll first need to:



* [Sign up for a free Okta Developer account](https://www.okta.com/developer/signup/)

* You will get a URL similar to `https://dev-123456.oktapreview.com`.

  * Save this URL for later

  * You will also use this URL to login to your Okta account



You will need to create an application in Okta:



* Log in to your Okta account, then navigate to **Applications** and click the **Add Application** button

* Select **Web** and click **Next**

* Give your application a name (e.g. "15 Minute Auth")

* Change the **Base URI** to `http://localhost:3000/` and the **Login redirect URI** to `http://localhost:3000/callback`, then click **Done**

* Save your **Client ID** and **Client Secret** for later



Your Okta application should have settings similar to the following:



![Okta Application Settings](images/okta-app-settings.png)



You will also need to create an API token in Okta:



* Log in to your Okta account, then navigate to **API > Tokens** and click the **Create Token** button

* Enter a name that will help you remember what this is used for (e.g. "15 Minute Auth")

* Save the provided **token value** for later

  * This will only be displayed once. If you lose it, you will need to create another API token



Now create a file called `.env` in the project root and add the following variables, replacing the values with your own from the previous steps.



**.env**

```bash

HOST_URL=http://localhost:3000

OKTA_ORG_URL=https://{yourOktaOrgUrl}

OKTA_CLIENT_ID={yourClientId}

OKTA_CLIENT_SECRET={yourClientSecret}

OKTA_TOKEN={yourOktaToken}

```



You also need an app secret. One way to get a random `APP_SECRET` is to use the following commands, which will generate a random value and add it to your `.env` file.



```bash

npm install -g uuid-cli

echo "APP_SECRET=`uuid`" >> .env

```



Now you can run the web server with the following command:



```bash

npm start

```



## Links



This example uses the [Okta Node SDK](https://github.com/okta/okta-sdk-nodejs) and the [Okta OIDC Middleware](https://github.com/okta/okta-oidc-js/tree/master/packages/oidc-middleware).



## Help



Please [raise an issue](https://github.com/oktadeveloper/okta-node-express-15-minute-auth-example/issues) if you find a problem with the example application, or visit our [Okta Developer Forums](https://devforum.okta.com/). You can also email [[email protected]](mailto:[email protected]) if would like to create a support ticket.



## License



Apache 2.0, see [LICENSE](LICENSE).