Four-Project Series

Federation and Single Sign-On with OpenID Connect

prerequisites
basic JavaScript • basic npm use • intermediate in-browser development tools • basic command line/terminal proficiency
skills learned
route management and middleware in Express.js • use OpenSSL to generate secure, random strings • fetch and cache data in Node.js • perform an Authorization Code grant • Single Sign-On between applications on different domains using OpenID Connect • define and use scopes • validate JWTs • authorize API calls using OAuth2
Josh Cunningham
4 weeks · 6-8 hours per week average · BEGINNER



You’re the sole engineer for PrincipalStack, an online publication for new developers. Previously, PrincipalStack only accepted internal submissions, but its cofounder would like to improve user engagement by inviting every community member to register, log in, and post comments. Your task is to enable sharing of user identities between the web application and post creation system built as a standalone single-page application (SPA). Using tools including Node.js, HTML, and npm, you’ll build an authorization server, implement authorization using OpenID Connect, build an OAuth2-Protected API, and enable your internal team to work in both the newly built community-engaging SPA and the main application—all with the same identity. Once you’ve finished this series of liveProjects, you’ll have valuable hands-on experience with authentication, authorization, Single Sign-On between applications, defining and using scopes and permissions, validating JWTs, and other federation essentials.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.

This was a great work and I would like to give my congratulations to the author.

Paulo Ricardo Stradioti, Senior .NET Developer, IBM Digital Business Automation

here's what's included

Project 1 Build an Authorization Server

After six years of accepting only internal submissions, PrincipalStack’s cofounder would like to invite all community members to register, log in, and post comments. As the sole engineer for the publication, your task is to build the foundation for this entire system: the authorization server. Using Express on Node.js, you’ll install, configure, and test an OpenID Connect-capable authorization server. You’ll build the pages that let users create their profile, prove their identity, and end their session. You’ll also foster community participation by allowing users to log in with an email address—and without a password.

Project 2 Login with OIDC

You’re the sole engineer for PrincipalStack, an online publication focused on teaching software engineering the right way. As part of the company’s efforts to engage new users, your job is to connect the newly built OpenID Connect server with the main web application. Using Node.js, you’ll register the new web application with the authorization server, install and configure an OpenID Connect library, implement login authorization with OAuth 2.0, and integrate the new OpenID Connect authentication with an existing set of users.

Project 3 Build an OAuth2-Protected API

Improve developer engagement in PrincipalStack, an online publication of software development content. As its sole software engineer, your task is to create an API to expose the posting functionality of the Node.js web application. You’ll build a simple CRUD (create, read, update, delete) API and protect it with JWT-formatted access tokens issued by the authorization server, while maintaining the association between the content managed by the API and the original user who created it. When you’re done, you’ll have provided an interface for all external contributors, enhancing their user experience.

Project 4 Modify a SPA to Use OIDC

As the sole engineer for PrincipalStack, an online developer-focused publication, your task is to use an authorization server to log in users and enable your internal team to work in both the newly built community-engaging, single-page application (SPA) and the main (legacy) application—under the same identity. When you’re done, you’ll have leveraged tools including browser-provided JavaScript APIs and HTML to modify the SPA so that it can request, store, and use access tokens tied to that single identity to call the API.

book resources

When you start each of the projects in this series, you'll get full access to the following book for 90 days.


I did learn what I was hoping to learn and I’ll certainly apply the knowledge in some of my upcoming projects.

Raimi Rufai, Software Development Expert, SAP Labs, Inc.

project author

Josh Cunningham

Josh Cunningham is a staff product engineer at Okta (formerly Auth0) leading a team of engineers to help partners build identity solutions. Previously, he led the onboarding program for new engineers and built open-source SDKs to help customers connect their applications to Auth0 using OpenID Connect, OAuth2, and SAML. Josh has been teaching and writing about technology for over two decades in various leadership, design, and engineering roles.

Prerequisites

This liveProject is for intermediate JavaScript developers with some experience building or maintaining a web application using Node.js and using client-side JavaScript in a browser. To begin these liveProjects you’ll need to be familiar with the following:

TOOLS
  • Basic JavaScript (declare variables, use loops and branches, object and array destructuring, debugging, error handling, etc.)
  • Basic Node.js
  • Basic npm use
  • Basic command line/terminal proficiency
  • Basic HTML, specifically forms
  • Intermediate in-browser development tool use (such as network call tracing, including URL parameters and request and response headers; cookie management; and browser console debugging)
TECHNIQUES
  • Basic package management and execution using npm
  • Use environment variables to store sensitive or application-specific data
  • Make simple HTTP requests using cURL or another tool

you will learn

In this liveProject series, you’ll build an OIDC-capable authorization server, implement login using OpenID Connect, build an OAuth2-protected API, and modify a SPA so that it can request, store, and use access tokens to call an API.

  • Route management and middleware in Express.js
  • Use OpenSSL to generate secure, random strings used to sign tokens and session data
  • Fetch and cache data in Node.js
  • Perform an Authorization Code grant, with and without PKCE
  • Single Sign-On between applications on different domains
  • Define and use scopes, permissions, and claims
  • Validate and consume JWT-formatted ID and access tokens
  • Call an API from a single-page application using tokens

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products is also included, as well as references to other resources.