NodeJS Express Sample OIDC Application for your Okta Org

This repository contains a sample Node JS application that uses Express framework. It uses OpenID Connect library to integrate with your Okta org.

Prerequisites

1. Make sure you have Node.js installed on your machine
   To check version of Node.js and NPM, run the below commands on your command prompt
   Check the versions of NodeJS and NPM

   node -v
   npm -v
   

   
   
   If you need to download Node.js then you can download from here https://nodejs.org/en/download/
   

2. Sign up for Okta Developer Edition.
   You'll need an Okta organization of your own to use as you follow this guide. After activating your account, log in to it. If you just created an account, you'll see a screen similar to the one below. Click on < > Developer Console in the top-left corner and switch to the Classic UI.

How to integrate this application with your Okta Org

Please follow these steps to configure and run this application in your NodeJS environment

1. Download the sample application from git
   git clone https://github.com/sami-dev/nodejs-express-okta-sample.git

2. Go inside the downloaded folder and npm install command

   cd nodejs-express-okta-sample
   npm install
   

   
   
   
   • npm install downloads dependencies defined in a package. json file and generates a node_modules folder with the installed modules

3. Configure a Web Application in your Okta Org

   • Login to your Okta Org
   • Go to Applications --> Applications
     • Click on Create new application
   • Provide below information in "Create a new app integration" wizard
     • Select Sign-On method as OIDC - OpenID Connect
     • Select Application type as "Web Application"
     
     
   • Provide Application configuration information and assign application to user groups
     For Example:
     • Application Name: My NodeJS Express App
     • Grant Type: Authorization Code
     • Sign-in Redirect URIs: http://localhost:3000/authorization-code/callback
     • Sign-out Redirect URIs: http://localhost:3000
     • Assignments: Limit access to selected groups : Sales
     
     
   • Review the application configuration and group assignments
     
   • Copy the Client Id and Client secret from the application configuration
     
   • Go to Security --> API --> Authorization servers --> default
     • Copy the issuer information
     
     

4. Update the OIDC configuration inside index.js
   Open the application code in a text editor and update the OIDC configuration

      const oidc = new ExpressOIDC({
        issuer: "https://dev-####.oktapreview.com/oauth2/default",
        client_id: "################",
        client_secret: "#######################",
        appBaseUrl: "http://localhost:3000",
        scope: "openid profile",
      });
   

5. Run the application

   • Start the application

     node index.js
     

     
     
   • Access the application in a new browser window
     • http://localhost:3000/
     
     
   • Click on Login link and login page should appear
     
   • Login with an active account of your Okta org
   • After login, you should see a Welcome message
     
   • Click on Logout link to make sure logout is working fine
     

References

• Create an OIDC app integration using AIW
• Simple Node Authentication
• Simple Express Application
• Build Simple Authentication in Express in 15 minutes

Authors

• Sami Abdul