Tools and Examples

Authentication is a security critical part of applications, SPs SHOULD implement it with high-quality OIDC libraries rather than implementing OIDC from scratch.

Tools

We recommend these libraries and frameworks to integrate OIDC:

Authentication

NextAuth.js - Authentication for Next.js projects.
node-openid-client - OIDC implementation for Node.js.
AppAuth - OIDC implementation for mobile apps: iOS, Android, JS, React Native and Flutter.
ASP.NET Core Authentication - OIDC implementation for .NET.
Nimbus OAuth + OIDC SDK - OIDC implementation for Java Applications.

Validating access tokens

Nimbus JOSE + JWT - JWT validation for Java.
passport-jwt + jwks-rsa - JWT validation for Node.js.
ASP.NET Core Authentication - JWT validation for .NET.

Examples

We have a few sample integration projects showing how to connect to the authentication system in various languages and platforms.

For now, these examples are in a private repo and only available to our early integration partners.

NestJS:

There are two different NestJS services which use IAS.

A service with a "JWT" auth-guard that can be added as a guard to controllers or functions, meaning that it’s only possible for tokens issued by IAS with a specific scope to call those controllers or functions. It includes an OpenApi schema and Swagger configuration so that you can authenticate with IAS and call the service endpoints directly from Swagger.
A service which calls another service using IAS access tokens. The purpose of this example is to show how to use Client Credentials to get an Access Token from IAS in NestJS.

.NET

We implemented two different .NET services which use IAS.

A service which authorises Access Tokens from IAS, meaning that it requires tokens issued by IAS with a specific scope to call the controllers or functions in the service marked with the Authorization flag. It includes an OpenApi schema and Swagger configuration so that you can authenticate with IAS and call the service endpoints directly from Swagger.
A service which calls another service using IAS access tokens. The purpose of this example is to show how to use Client Credentials to get an Access Token from IAS in NestJS.

Next.js

A next.js example that demonstrates how you can generate and use the token from IAS. It also demonstrates how you can use that token to call a function in one of the demo services above.

Postman

Check out our article on how to configure Postman to authenticate with IAS.

PreviousConfiguration NextEnvironments

Last updated 5 months ago