Branch: master
Find file History
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md docs: Add link to Angular samples repo (#37) Jan 30, 2018
server.js chore: Add license headers (#41) Feb 17, 2018

README.md

Express Resource Server Example

This sample application uses the Okta JWT Verifier library to authenticate requests against your Express application, using access tokens.

The access tokens are obtained via the Implicit Flow. As such, you will need to use one of our front-end samples with this project. It is the responsibility of the front-end to authenticate the user, then use the obtained access tokens to make requests of this resource server.

Prerequisites

Before running this sample, you will need the following:

Running This Example

To run this application, you first need to clone this repo and then enter into this directory:

git clone git@github.com:okta/samples-nodejs-express-4.git
cd samples-nodejs-express-4/

Then install dependencies:

npm install

Now you need to gather the following information from the Okta Developer Console:

  • Client Id - The client ID of the SPA application that you created earlier. This can be found on the "General" tab of an application, or the list of applications. The resource server will validate that tokens have been minted for this application.
  • Issuer - This is the URL of the authorization server that minted the tokens. All Developer Accounts have a "default" authorization server. The issuer is a combination of your Org URL (found in the upper right of the console home page) and /oauth2/default. For example, https://dev-1234.oktapreview.com/oauth2/default.

Now place these values into the file .samples.config.json that was created for you in the root of this project:

{
  "resourceServer": {
    "port": 8000,
    "oidc": {
      "issuer": "https://{yourOktaDomain}.com/oauth2/default"
    },
    "assertClaims": {
      "aud": "api://default",
      "cid": "{clientId}"
    }
  }
}

Now start the resource server:

npm run resource-server

Now navigate to http://localhost:8000 in your browser.

If you see a basic welcome message, then things are working! Now open a new terminal window and run the front-end sample project of your choice (see links in Prerequisites). Once the front-end sample is running, you can navigate to http://localhost:8080 in your browser and log in to the front-end application. Once logged in you can navigate to the "Messages" page to see the interaction with the resource server.