Single Sign-On

Modify a SPA to Use OIDC you own this product

This project is part of the liveProject series Federation and Single Sign-On with OpenID Connect
prerequisites
basic HTML, specifically forms
skills learned
use a browser's built-in storage, fetch, DOM, and crypto APIs • use event listeners • implement PCKE
Josh Cunningham
1 week · 6-8 hours per week · BEGINNER
Included with a Manning Online subscription
try now

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

Look inside

As the sole engineer for PrincipalStack, an online developer-focused publication, your task is to use an authorization server to log in users and enable your internal team to work in both the newly built community-engaging, single-page application (SPA) and the main (legacy) application—under the same identity. When you’re done, you’ll have leveraged tools including browser-provided JavaScript APIs and HTML to modify the SPA so that it can request, store, and use access tokens tied to that single identity to call the API.

This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Josh Cunningham

Josh Cunningham is a staff product engineer at Okta (formerly Auth0) leading a team of engineers to help partners build identity solutions. Previously, he led the onboarding program for new engineers and built open-source SDKs to help customers connect their applications to Auth0 using OpenID Connect, OAuth2, and SAML. Josh has been teaching and writing about technology for over two decades in various leadership, design, and engineering roles.

prerequisites

This liveProject is for intermediate JavaScript developers with some experience working with JavaScript in the browser, including basic browser debugging. To begin these liveProjects you’ll need to be familiar with the following:

TOOLS
  • Basic JavaScript (declare variables, use loops and branches, object and array destructuring, debugging, error handling, etc.)
  • Basic Node.js (including npm and Express.js)
  • Basic command line/terminal proficiency
  • Basic and intermediate in-browser development tool use (such as network call tracing (including URL parameters and request headers) and cookie management)
  • Basic HTML
  • Use npm to create a new JS project and manage packages
  • Store and use environment variables in a Node environment

you will learn

In this liveProject, you’ll learn tools and skills for modifying a SPA so that it can request, store, and use access tokens tied to that single identity to call the API.

  • Install and configure packages using the Node Package Manager (npm)
  • Use Webpack to compile loaded npm packages into browser-loaded JavaScript code
  • Generate secure, random string values using OpenSSL
  • Use an open-source library to validate ID tokens from the authorization server response
  • Fetch and cache the metadata from an authorization server to find authorization, token, and logout endpoints
  • Fetch and cache public keys (JWKS) from an authorization server to validate access tokens
  • Implement PKCE to augment the authorization code exchange
  • Use the browser's built-in storage, fetch, DOM, and crypto APIs to persist data, load views, and make requests
  • Use event listeners to handle user interaction
  • Map available scopes to routes in the application

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.

choose your plan

pro

monthly
annual
$24.99
$249.99
only $20.83 per month
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Modify a SPA to Use OIDC project for free

team

monthly
annual
$49.99
$499.99
only $41.67 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Modify a SPA to Use OIDC project for free