Skip to content

oktadev/okta-node-rest-api-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

auth.js

auth.js

 
 

client.js

client.js

 
 

database.js

database.js

 
 

index.js

index.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Simple REST API with Node and OAuth 2.0

This example app shows how to create a REST API in Node and secure it with OAuth 2.0 Client Credentials using Okta. This also has an example client written as a CLI that can authenticate with Okta and use the REST API.

Getting Started

Install Dependencies

After cloning the repository, simply run npm install to install the dependencies.

Save Environment Variables

If you don't have one already, sign up for a free Okta Developer account. Log in to your developer console to get the following information.

Create a file named .env that has the following variables, all obtained from your Okta developer console:

  • ISSUER

    Log in to your developer console and navigate to API > Authorization Servers. Copy the Issuer URI for the default server.

  • SCOPE

    Click on the word default to get details about the authorization server. Go to the Scopes tab and click the Add Scope button. Give it a name and optionally a description. The example app is for a parts manager, so for example you could name it parts_manager.

  • CLIENT_ID

    Navigate to Applications, then click the Add Application button. Select Service, then click Next. Choose a name then click Done. The Client ID is shown on the next page.

  • CLIENT_SECRET

    The Client Secret is on the same page as the Client ID

When you're done, your .env file should look something like this:

ISSUER=https://dev-123456.oktapreview.com/oauth2/default
SCOPE=parts_manager
CLIENT_ID=0123456789abcdefghij
CLIENT_SECRET=0123456789abcdefghijklmnopqrstuvwxyz0123

Run the Server

To run the server, run npm start from the terminal.

Run the Client

To make secure API requests, you'll need to use the client located at client.js.

USAGE

node client url [method] [jsonString]

  • url (required): the path to your server along with the endpoint (e.g. http://localhost:3000/parts)
  • method (optional): the HTTP verb for the REST call (e.g. delete or post). Defaults to get
  • jsonString (optional): stringified JSON data for use in put or post calls (e.g. '{"partNumber":"asdf-1234"}')

EXAMPLES

  • node client http://localhost:3000/parts: get a list of all parts
  • node client http://localhost:3000/parts post '{"partNumber":"asdf-1234"}': creates a new part with part number asdf-1234
  • node client http://localhost:3000/parts/1: gets details about the part with and id of 1
  • node client http://localhost:3000/parts/7 put '{"name":"A single dairy farm"}': updates the name field of the part with an id of 7
  • node client http://localhost:3000/parts/11 delete: deletes the part with an id of 11

License

Apache 2.0, see LICENSE.

About

Simple REST API with Node and OAuth 2.0

developer.okta.com/blog/2018/08/21/build-secure-rest-api-with-node

Topics

nodejs javascript oauth2 rest rest-api

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

16 stars

Watchers

8 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages