How-tos

2 mins read

Add Application

Integrate application for user login, single-sign on (SSO), and access control.

  1. Select Applications > Clients > Create client in the selected workspace.

  2. Provide a name for your application, pick the Server-Side Web type, and select Create.

    Create application

  3. Configure the redirect URI for your application.

    The redirect URI tells us where to redirect users after authentication and consent gathering.

    Redirect URI setup

  4. Copy or download the client application configuration (client ID and secret) and add it to your application code. Use any OAuth library you want!

    Copy credentials

    Node.Js with NextAuth.js
    Node.js with Passport and OIDC
                   
                      
       // try demo at https://github.com/nextauthjs/next-auth-example
       // go to file pages/api/auth/[...nextauth].ts and modify providers array as showcased below
    
       import NextAuth, { NextAuthOptions } from "next-auth"
    
       // For more information on each option (and a full list of options) go to
       // https://next-auth.js.org/configuration/options
       export const authOptions: NextAuthOptions = {
           secret: "some-secret-secret",
           // https://next-auth.js.org/configuration/providers/oauth
           providers: [
               {
                   id: "cloudentity",
                   name: "Cloudentity",
                   type: "oauth",
                   version: "2.0",
                   wellKnown: "https://postmance.eu.authz.cloudentity.io/postmance/docs/.well-known/openid-configuration",
                   clientId: "4f91bea492b74b819a5d9961977beef6",
                   clientSecret: "PH-668ZM_6IGHE7Feji7UQZ5MOzZlBbKJ_9ctKmtIjg",
                   authorization: {params: {scopes: ["openid", "profile", "email"]}},
                   profile(profile) {
                       return {
                           id: profile.sub,
                           name: profile.name,
                           email: profile.email
                       }
                   }
               }
           ],
           callbacks: {
               async jwt({ token }) {
                   token.userRole = "admin"
                   return token
               },
           },
       }
    
       export default NextAuth(authOptions)
       
                   
                      
       // try demo at https://github.com/passport/todos-express-openidconnect
       // go to file routes/auth.js and modify the OpenIdConnectStrategy to use your cloudentity server configuration
    
       // ...
    
       passport.use(new OpenIDConnectStrategy({
           issuer: 'https://postmance.eu.authz.cloudentity.io/postmance/docs',
           authorizationURL: 'https://postmance.eu.authz.cloudentity.io/postmance/docs/oauth2/authorize>,
           tokenURL: 'https://postmance.eu.authz.cloudentity.io/postmance/docs/oauth2/token',
           userInfoURL: 'https://postmance.eu.authz.cloudentity.io/postmance/docs/userinfo',
           clientID: "95768bc9b1b94a35bd17b5d9fe5a66d0",
           clientSecret: "ojHkryV4hQS781l8nTtk-VmJFR4shjjpd96YQncCWd4",
           callbackURL: '/api/auth/callback/cloudentity',
           scope: [ 'profile' ]
       }, function verify(issuer, profile, cb) {
           return cb(null, profile);
       }));
    
       // ...
    
       router.get('/api/auth/callback/cloudentity', passport.authenticate('openidconnect', {
           successReturnToOrRedirect: '/',
           failureRedirect: '/login'
       }));
       
  5. Access your application and try the sign in.

Next Steps

Updated: Jul 5, 2023