getting started

Web App

In this quick start you’ll:

  • Configure a web app in the ForgeRock Identity Cloud Express console.
  • Integrate authentication into your app based on the ForgeRock sample app.
  • Examine how registration and authentication work with the ForgeRock hosted pages.

Step 1: Configure a Web App

1a. Sign in to the Express console at http://{your-organization-name}

1b. Go to Applications > New Application > Web.

1c. On the New Web Application page enter the following information and click Save.

| Entry | Description |
|---|---|
| Name | A unique name for your app |
| Description | Optional description of your app |
| Login Redirect URL | Whitelist of URLs allowed as redirect targets after login: http://localhost:9080/callback, http://localhost:9080/callback/non-hosted |
| Logout Redirect URL | Whitelist of URLs allowed as redirect targets after logout |
| Description | Optional |

1d. Save the Client ID and Client Secret. You’ll use this information when you configure the sample web app.

Step 2: Set up the Sample App

The sample app is a Node.js app.

2a. Install the following software:

2b. Clone the repository.

Step 3: Run the Sample App

In the web app you can now test self-registration, sign-ins, and sign-outs. Passwords are governed by complexity rules shown in your web app, at the following URL: https://ui-{tenantName}

3a. At the command line, navigate to the directory where you saved the app-sdk.

3b. Run the following commands, using your Tenant Name and the Client ID and Client Secret you saved in Step 1d:

$ npm i
$ sh {Tenant Name} {Client ID} {Client Secret} RS256

3c. Open a browser and navigate to http://localhost:9080.

3d. Click ‘HOSTED SIGN-IN’.

3e. Click ‘Register an account’.

3f. Register an account, following the password policy set up in the admin console.

You can now use this account to authenticate. Try authentication in the sample app and check out the user in the admin console.

Where to Go From Here

With a web app, you can adjust settings related to token lifetimes and grant types. For more information on tokens, see the Tokens page. The signing algorithm associated with the JWT Token is RSA Signature with SHA-256 (RS256).
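What RS256 means for the code that receives the token, as an added example that is not part of the ForgeRock sample app: the verifier pins the algorithm to RS256 instead of trusting the token header, then checks expiry and audience. The key pair, claim values and function names are constructed for illustration, and the audience check assumes the token carries the Client ID in `aud`.

```javascript
// Added example: verify an RS256-signed JWT with Node's built-in crypto.
const crypto = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Returns the claims if the token is valid, otherwise throws.
function verifyRs256(token, publicKey, expectedAud, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  // Pin the algorithm: never let the token header choose how it is verified.
  const alg = decode(h).alg;
  if (alg !== 'RS256') throw new Error(`unexpected alg: ${alg}`);
  const sigOk = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey,
    Buffer.from(s, 'base64url'));
  if (!sigOk) throw new Error('bad signature');
  // Read claims only after the signature has been checked.
  const claims = decode(p);
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  if (![].concat(claims.aud).includes(expectedAud)) throw new Error('wrong audience');
  return claims;
}

// Constructed sample data: a throwaway key pair stands in for the tenant's
// signing key, and 'demo-client-id' for the Client ID (assumed to be in aud).
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const sign = (input) =>
  crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url');
const makeToken = (header, claims, signer = sign) => {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${signer(input)}`;
};

const claims = { sub: 'demo-user', aud: 'demo-client-id', exp: Math.floor(Date.now() / 1000) + 300 };
const good = makeToken({ alg: 'RS256', typ: 'JWT' }, claims);
const unsigned = makeToken({ alg: 'none', typ: 'JWT' }, claims, () => '');
const [gh, , gs] = good.split('.');
const tampered = `${gh}.${b64url(JSON.stringify({ ...claims, sub: 'admin' }))}.${gs}`;

// Helper for the demo: subject on success, rejection reason on failure.
function check(token, aud = 'demo-client-id', now) {
  try { return verifyRs256(token, publicKey, aud, now).sub; }
  catch (e) { return `rejected: ${e.message}`; }
}

console.log(check(good), '|', check(unsigned), '|', check(tampered));
```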

To reduce security risks, limit the use of grant types for your applications. For more information, see our discussion of Grant Types.

Hosted Pages

  1. In the Admin Console, navigate to Hosted Pages > Sign Up/Sign In. Try adjusting the hosted pages. Make changes to see how you can configure the registration and sign in experience.

  2. Try our Authentication APIs. They let you use your own sign in and registration pages.

This sample uses the OAuth 2.0 confidential client type. In this setup, Express exchanges an authorization code for a token. To learn more about authentication flows, see the following section on how to Incorporate Auth Into Your App.

If you have questions, email [email protected].