Use Hosted Pages

In this QuickStart you’ll:

  • Use the Express console to add a web app to the tenant.
  • Follow the ForgeRock SDK sample app to integrate authentication into your app.
  • Examine how registration and authentication work with the ForgeRock hosted pages.

Step 1: Configure a Web App

A. Sign in to the Express console at

B. Click Applications > New Application > Web.

application console

C. On the New Web Application page, enter the following information, and then click Save.

Entry Description
Name A unique name for your app
Description Optional description of your app
Login Redirect URL Whitelist URLs to allow redirect to after login
http://localhost:9080/callback, http://localhost:9080/callback/non-hosted
Logout Redirect URL Whitelist URLs to allow redirect to after logout
Description Optional

D. Save the Client ID and Client Secret. You’ll use this information when you configure the sample web app.

Step 2: Set up the Sample App

The sample app is a node.js app.

A. Install the following software:

B. Clone the repository.

Step 3: Run the Sample App

In the web app you can now test self-registration, sign-ins, and sign-outs. Passwords are governed by complexity rules shown in your web app. See

A. At the command-line, go to the directory where you saved the app-sdk.

B. Run the following commands using the Tenant Name and Client ID created in Step 1:

$ npm i
$ sh {Tenant Name} {Client ID} {Client Secret} RS256

C. In a browser, go to http://localhost:9080.


E. Click ‘Register an account’.

F. Register an account (follow the password policy set up in the Express console).

You can now use this account to authenticate. Try authentication in the sample app and check out the user in the admin console.

Where to Go From Here

With a web app, you can adjust settings related to token lifetimes and grant types. For more information on tokens, see the section on how to manage JSON Web Tokens page. The signing algorithm associated with the JWT Token is RSA Signature with SHA-256 (RS256).

To reduce security risks, limit the use of grant types for your applications. For more information, see our discussion on how to Configure Grant Types.

Hosted Pages

  1. In the Express console, click Hosted Pages > Sign Up/Sign In. Try adjusting the hosted pages. Make changes to see how you can configure the registration and sign in experience.

  2. Try our Authentication APIs. They let you use your own sign-in and registration pages.

This sample uses the OAuth 2.0 confidential client type. In this setup, Express exchanges an authorization code for a token. To learn more about authentication flows, see the following section on how to Integrate Authentication.

For questions or feedback, contact us.