This repository contains a sample of integrating with Okta for authentication using the redirect model in a Node.js Express app.
Read more about getting started with Okta and authentication best practices on the Okta Developer Portal.
This code sample demonstrates
- Configuring Okta
- Sign-in and sign-out
- Protecting routes
- Displaying user profile information from the ID Token
Before running this sample, you will need the following:
- The Okta CLI Tool
- An Okta Developer Account (create one using
okta register, or configure an existing one withokta login)
Grab and configure this project using okta start express.
Follow the instructions printed to the console. See the next section to enable Refresh Tokens.
Manually enable Refresh Token on your Okta application to avoid third-party cookies. Sign in to your Okta Developer Edition account. Press the Admin Console button to navigate to the Okta Admin Console. In the sidenav, navigate to Applications > Applications and find the Okta application for this project named okta-express-sample. Edit the application's General Setting to enable the Refresh Token checkbox. Save your changes.
To run this application, install its dependencies:
npm install
With variables set, start your app:
npm start
Navigate to http://localhost:3000 in your browser.
If you see a home page that prompts you to login, then things are working! Clicking the Log in button will redirect you to the Okta hosted sign-in page.
You can sign in with the same account that you created when signing up for your Developer Org, or you can use a known username and password from your Okta Directory.
Note: If you are currently using your Developer Console, you already have a Single Sign-On (SSO) session for your Org. You will be automatically logged into your application as the same user that is using the Developer Console. You may want to use an incognito tab to test the flow from a blank slate.
Please visit our Okta Developer Forums.