This example shows you how to use the Okta Angular Library to login a user to a Angular application. The login is achieved through the Implicit Flow, where the user is redirected to the Okta-Hosted login page. After the user authenticates they are redirected back to the application with an ID Token and Access Token.
This example is built with Angular CLI.
Before running this sample, you will need the following:
- An Okta Developer Account, you can sign up for one at https://developer.okta.com/signup/.
- An Okta Application, configured for Singe-Page App (SPA) mode. This is done from the Okta Developer Console and you can find instructions here. When following the wizard, use the default properties. They are are designed to work with our sample applications.
To run this application, you first need to clone this repo and then enter into this directory:
git clone git@github.com:okta/samples-js-angular.git
cd samples-js-angular/okta-hosted-loginThen install dependencies:
npm installNow you need to gather the following information from the Okta Developer Console:
- Client Id - The client ID of the SPA application that you created earlier. This can be found on the "General" tab of an application, or the list of applications. This identifies the application that tokens will be minted for.
- Issuer - This is the URL of the authorization server that will perform authentication. All Developer Accounts have a "default" authorization server. The issuer is a combination of your Org URL (found in the upper right of the console home page) and
/oauth2/default. For example,https://dev-1234.oktapreview.com/oauth2/default.
Now place these values into the file src/app/.samples.config.ts that was created for you in this project:
export default {
oidc: {
clientId: '{clientId}',
issuer: 'https://{yourOktaDomain}.com/oauth2/default',
redirectUri: 'http://localhost:8080/implicit/callback',
scope: 'openid profile email'
},
};Now start the app server:
ng serve
Now navigate to http://localhost:8080 in your browser.
If you see a home page that prompts you to login, then things are working! Clicking the Log in button will redirect you to the Okta hosted sign-in page.
You can login with the same account that you created when signing up for your Developer Org, or you can use a known username and password from your Okta Directory.
Note: If you are currently using your Developer Console, you already have a Single Sign-On (SSO) session for your Org. You will be automatically logged into your application as the same user that is using the Developer Console. You may want to use an incognito tab to test the flow from a blank slate.
If you were able to successfully login in the previous section you can continue with the resource server example. Please download and run one of these sample applications in another terminal:
Once you have the resource server running (it will run on port 8000) you can visit the /messages page within the Angular application to see the authentication flow. The Angular application will use its stored access token to authenticate itself with the resource server, you will see this as the Authorization: Bearer <access_token> header on the request if you inspect the network traffic in the browser.