In this guide you'll learn how to set up the sample application.
You need to have registered an application using the Developer Portal in your IBM Security Verify tenant. See Using the Developer Portal for details. During registration, pick Authorization Code as the grant type.
You need to have node.js installed on the system where you will run the sample application. Download node.js.
You need to have a browser installed on the system where you will run the sample application.
Access the Developer Portal of your IBM Security Verify tenant. Usually you will find this as a tile in the end user launchpad.
From the My applications page, select your application and then click the App setup link that appears at the top of the details sidebar.
Select the node.js tile.
Select the Download app button. This will download a ZIP file containing the sample application.
This ZIP file contains customized content
The zip file you download here is specific to your environment. It contains a .env file which is pre-completed with your tenant ID and the clientid and client_secret for the registered application. The filename of this ZIP file is set based on the application name:
- Extract the ZIP file to the location where you will run the sample application.
In the directory that was created when you extracted the ZIP file, run the following command to install the node modules required by the sample application:
added 61 packages, and audited 62 packages in 2s
found 0 vulnerabilities
In the directory that was created when you extracted the ZIP file, run the following command to start the sample application:
> [email protected] start
> node server.js
Navigate to http://localhost:3000
The application is now running on IP address 127.0.0.1 (localhost) on port 3000.
Using a browser on the same system where you have started the sample application, connect to:
All being well, you should be immediately redirected to the login page of your IBM Security Verify tenant.
Login to your IBM Security Verify tenant. You can use any authentication method available.
Once authentication is complete, you'll be re-directed back to your sample application. It will complete the single sign-on flow to get access to identity information for the user that authenticated. The information received is displayed in the browser:
The attributes that are shared from your IBM Security Verify tenant to the application are controlled by the requested OpenID Connect scopes and by the configuration of the Developer Portal (which is set by your tenant administrator).
If you want to receive additional information, try adding additional scopes to the
.env file of the sample application:
SCOPE=openid profile email phone
Updated 6 months ago