This sample app demonstrates how to authenticate users in single page apps and does not require any server side code.

Note: Implicit flow is no longer recommended. Best practice is to use Auth Code Flow + PKCE.

The sample makes use of a pure Javascript OpenId Connect Client. We have included a minified version of this client in public/javascripts/oidc-client.min.js or you can fetch the latest version here.

We have kept this sample to minimum functionality. However the UserManager in OIDC Client library has many useful features for authenticating via popups, logging out, and getting user info. Check out the wiki and samples in the Github repo.

In order to run this sample you need to setup an OpenId Connect app in your OneLogin Admin portal.

If you don't have a OneLogin developer account you can sign up here.

Clone this repo and then update /javascripts/main.js with the client_id you obtained from OneLogin and the subdomain of your OneLogin account.

Note that with the Implicit flow the client_secret is not required.

The sample will automatically set the redirect_uri to the host location that the sample is running on. You need to make sure that this matches what you specified as the Redirect Uri when you setup your OIDC app connector in the OneLogin portal.

This sample uses node to serve up the single home page.

From the command line run

> npm install
> npm start

By default these samples will run on http://localhost:3000.

You will need to add your callback url to the list of approved Redirect URIs for your OneLogin OIDC app via the Admin portal. e.g. http://localhost:3000