search
how tos

Integrate Authentication

After you’ve added your app to the tenant, you can integrate authentication into your app. Express provides four authentication services to choose from:

Username and Password

Users enter a username and password. Express verifies the user credentials against an identity data store in the ForgeRock Identity Cloud. This is the most basic and least secure form of authentication. It’s typically used for testing purposes.

Passwordless Login With WebAuthN

Users verify their identities without passwords. The Express implementation requires users to enter their passwords once. On subsequent sign-ins, users verify their identities through an authenticator.

An authenticator is a device such as a PC, mobile phone, or tablet that can:

  • Set up a private/public key pair
  • Confirm consent by a user, locally

You can read more about How It Works.

2FA

Basic two-factor authentication requires two means of verifying a user identity. Username and password credentials are usually the first means. Typically, for the second means, the app sends the user a confirmation code through SMS or Email. The user must submit that confirmation code to access to the app.

You can read more about How It Works.

2FA + WebAutN

Two-factor authentication with WebAthN requires two means of verifying a user identity. Username and password credentials are usually the first means. In web authentication, the second means is an authenticator.

An authenticator is a device such as a PC, mobile phone, or tablet that can:

  • Set up a private/public key pair
  • Locally confirm consent by a user

You can read more about How It Works.


To use the Express REST APIs: In the Express Postman Collection,
go to Authentication APIs > Authentication.

alt text

To use the Express SDK: See the ForgeRock SDKs Beta Docs

For questions or feedback, contact us.