Original post written by Matt Raible for Auth0 blog.
Learn how to use OktaDev Schematics to add authentication to your JavaScript projects.
Hello,
My name is Matt Raible, and I am a developer advocate at Okta. In early 2019, I created OktaDev Schematics to simplify my life when doing Angular demos. But let me step back a bit first. I've worked at Okta for over five years; before that, I was an independent consultant for 20 years, mainly doing Java and web development for clients.
I've learned a lot about OpenID Connect (OIDC) and Okta's JavaScript SDKs over the years and only recently tried to use Auth0's JavaScript SDKs. Over the last couple of weeks, I learned how to use them and integrated many into OktaDev Schematics.
I was pleasantly surprised by the experience because the configuration often boils down to two main values: domain
and clientId
. You do have to add callback URLs too, but these are often the same as your app's homepage, so you don't need to add routes in your application. And then, it just works! There's no need to worry about issuers or other OIDC concepts.
This is a strong departure from how we've done things in Okta's SDKs, where we expect people to know about OpenID Connect. We often try to educate developers about OAuth and OIDC, but since these topics are complex, they can be challenging to understand. I like the approach of just needing two values, and everything just works!
What Is OktaDev Schematics?
OktaDev Schematics is a tool I developed to help streamline the integration of OpenID Connect into JavaScript (or TypeScript) applications.
In my first few years at Okta, I'd demo how to use our Angular SDK at conferences, and I'd inevitably miss a step, causing the demo to fail. A failing demo is frustrating, so I created OktaDev Schematics to fix it.
My idea was simple:
- Create an app using the framework's CLI
- Integrate OIDC authentication using templates
- Add a unit test to prove nothing breaks
The project builds on Angular Schematics, so it's incredibly easy to use, particularly in Angular projects, but applies to other frameworks as well.
ng add @oktadev/schematics
This command will prompt you for an issuer and client ID, and then OktaDev Schematics will configure your app to use them. If you're using the Auth0 CLI, you'll need to create a Single-Page Application (SPA) app to get these values.
auth0 apps create
💡 TIP: You can also create a SPA app using the Auth0 dashboard if you prefer GUIs over CLIs.
In the latest release, I've made it so that adding an --auth0
flag will set up your project to use Auth0 instead of Okta.
- Angular:
ng new
andng add @oktadev/schematics --auth0
- Ionic:
ionic start
andng add @oktadev/schematics --auth0
My Add OpenID Connect to Angular Apps Quickly tutorial explains what this command does and shows screenshots of the changes. You can even view the changes it makes on GitHub.
The tool is smart enough to detect the framework you're using and if you're using TypeScript or JavaScript.
If you want to create a React or Vue app, you'll need to perform a few steps:
- Create your React app with Create React App:
npx create-react-app secure-app
💡 TIP: Add
--template typescript
if you want TypeScript support.
For Vue, use npx @vue/cli create secure-app
.
- Install the Schematics CLI globally:
npm i -g @angular-devkit/schematics-cli
- In the
secure-app
project, install OktaDev Schematics and run theadd-auth
schematic:
npm i -D @oktadev/schematics
schematics @oktadev/schematics:add-auth
As you can guess, the integration is pretty bare-bones. It configures the SDK and adds a login/logout button. I believe this is in line with the apps each CLI generates. They're pretty bare-bones too!
If you'd like to see how the templates differ between Okta and Auth0, you can view the templates on GitHub. If you have a GitHub account, you can also launch github.dev/oktadev/schematics and navigate to src/add-auth/{auth0,okta}
.
JavaScript Framework Support
There's a wealth of popular frameworks currently supported by OktaDev Schematics:
See the project's links section if you want to learn more about Okta or Auth0's SDKs.
The support for Ionic currently only includes Angular. However, Ionic does support React and Vue too. To make OIDC authentication work, I leveraged Ionic AppAuth. One cool thing about this library is it has React and Vue examples available. I recently updated these to work with Capacitor 4.
Top comments (0)