LogoLogo
  • Technical Direction
  • Technical overview
    • Technical Implementation
    • API Design Guide
      • Data Definitions and Standards
      • Data Transfer Objects
      • Documentation
      • Environments
      • Error Handling
      • Example API Service
      • GraphQL Naming Conventions
      • Methods
      • Naming Conventions
      • Once Only Principle
      • Pagination
      • Resource Oriented Design
      • REST Request
      • REST Response
      • Security
      • Versioning
    • Ísland.is Public Web Data Flow
    • Code Reviews
    • Code Standards
    • Monorepo
    • Project Management
    • Teamwork
    • Architectural Decision Records
      • Use Markdown Architectural Decision Records
      • Use NX
      • Continuous Integration
      • CSS
      • Branching and Release Strategy
      • Error Tracking and Monitoring
      • What API Management Tool to Consider
      • Viskuausan Static Site Generator
      • Use OAuth 2.0 and OpenID Connect As Protocols for Authentication and Authorization
      • Unified Naming Strategy for Files and Directories
      • CMS
      • Open Source License
      • What Chart Library Should We Use Across Island.is?
      • What Feature Flag Service/application Should We Use at Island.is?
      • Logging, Monitoring and APM Platform
      • ADR Template
    • Log Management Policy
  • Products
    • Island.is Authentication Service
      • Terminology
      • Integration Options
      • Authentication Flows
      • Authorising API Endpoints
      • Session Lifecycle
      • Scopes and Tokens
      • Delegations
      • Configuration
      • Tools and Examples
      • Environments
      • Test IAS with Postman
    • Notifications / Hnipp
      • New Notification Setup Guide
      • Notifications service workflow overview
      • Email notifications
    • Pósthólfið
      • Security Checklist
      • Introduction
      • Skjalatilkynning API
      • Skjalaveita API
      • Sequence Diagram
      • Interfaces
    • Straumurinn (X-Road)
      • Architecture Guidelines for Service Providers and Consumers
      • Setting up an X-Road Security Server
        • Network Configuration
      • X-Road - Uppfærsla á öryggisþjónum
      • Straumurinn - Notkun og umsýsla
      • X-Road Central - current version
  • Development
    • Getting Started
    • Generating a New Project
    • Definition of done
    • Devops
      • Continuous Delivery
      • Database
      • Dockerizing
      • Environment Setup
      • Logging
      • Metrics
      • NextJS Custom Server
      • Observability
      • Operations Base Principles
      • Security
      • Service Configuration
      • Support
    • AWS Secrets
    • Feature Flags
    • Documentation Contributions
    • Defining Monorepo Boundaries With Tags
    • OpenAPI
    • Code Generation
    • Workspace Settings (Deprecated)
    • External Contributions
  • REFERENCE
    • Problems
      • 400 Validation Failed
      • 400 Attempt Failed
      • 403 Bad Subject
      • 400 500 Template API Error
    • Glossary
  • Misc
    • Guide: Adding a Payment Step to an Application
    • Guide: Enable Organisations to Make Requests to an Application
    • README Template
Powered by GitBook
On this page
  • Tools
  • Examples
  • NestJS:
  • .NET
  • Next.js
  • Postman

Was this helpful?

  1. Products
  2. Island.is Authentication Service

Tools and Examples

Authentication is a security critical part of applications, SPs SHOULD implement it with high-quality OIDC libraries rather than implementing OIDC from scratch.

Tools

We recommend these libraries and frameworks to integrate OIDC:

Authentication

  • NextAuth.js - Authentication for Next.js projects.

  • node-openid-client - OIDC implementation for Node.js.

  • AppAuth - OIDC implementation for mobile apps: iOS, Android, JS, React Native and Flutter.

  • ASP.NET Core Authentication - OIDC implementation for .NET.

  • Nimbus OAuth + OIDC SDK - OIDC implementation for Java Applications.

Validating access tokens

  • Nimbus JOSE + JWT - JWT validation for Java.

  • passport-jwt + jwks-rsa - JWT validation for Node.js.

  • ASP.NET Core Authentication - JWT validation for .NET.

Examples

We have a few sample integration projects showing how to connect to the authentication system in various languages and platforms.

For now, these examples are in a private repo and only available to our early integration partners.

NestJS:

There are two different NestJS services which use IAS.

  1. A service with a "JWT" auth-guard that can be added as a guard to controllers or functions, meaning that it’s only possible for tokens issued by IAS with a specific scope to call those controllers or functions. It includes an OpenApi schema and Swagger configuration so that you can authenticate with IAS and call the service endpoints directly from Swagger.

  2. A service which calls another service using IAS access tokens. The purpose of this example is to show how to use Client Credentials to get an Access Token from IAS in NestJS.

.NET

We implemented two different .NET services which use IAS.

  1. A service which authorises Access Tokens from IAS, meaning that it requires tokens issued by IAS with a specific scope to call the controllers or functions in the service marked with the Authorization flag. It includes an OpenApi schema and Swagger configuration so that you can authenticate with IAS and call the service endpoints directly from Swagger.

  2. A service which calls another service using IAS access tokens. The purpose of this example is to show how to use Client Credentials to get an Access Token from IAS in NestJS.

Next.js

A next.js example that demonstrates how you can generate and use the token from IAS. It also demonstrates how you can use that token to call a function in one of the demo services above.

Postman

Check out our article on how to configure Postman to authenticate with IAS.

PreviousConfigurationNextEnvironments

Last updated 1 year ago

Was this helpful?