Step 3. Configure connection properties
In this step, you configure the sample app to connect to the authentication tree/journey you created when setting up your server configuration.
Choose how you want to configure the sample app. You can either configure the sample by using dynamic configuration, or by creating a .env file.

Dynamic configuration
- Open the /sdk-sample-apps/javascript/embedded-login/src/main.js file.
- Replace the call to forgerock.Config.set() with the following code:

    await forgerock.Config.setAsync({
      serverConfig: { wellknown: '{WELL_KNOWN}' },
      clientId: '{WEB_OAUTH_CLIENT}',
      tree: '{TREE}',
      scope: '{SCOPE}',
      redirectUri: `${window.location.origin}/callback.html`
    });

- Replace the placeholder strings with the values you obtained when preparing your environment.
- {WELL_KNOWN}
  The .well-known endpoint of your server.

  PingOne Advanced Identity Cloud example:
  https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration

  How do I find my PingOne Advanced Identity Cloud .well-known URL?
  You can view the .well-known endpoint for an OAuth 2.0 client in the PingOne Advanced Identity Cloud admin console:
  - Log in to your PingOne Advanced Identity Cloud administration console.
  - Click Applications, and then select the OAuth 2.0 client you created earlier. For example, sdkPublicClient.
  - On the Sign On tab, in the Client Credentials section, copy the Discovery URI value.

  PingAM example:
  https://openam.example.com:8443/openam/oauth2/realms/root/.well-known/openid-configuration
- {WEB_OAUTH_CLIENT}
  The client ID from your OAuth 2.0 application. For example, sdkPublicClient.
- {TREE}
  The simple login journey or tree you created earlier. For example, sdkUsernamePasswordJourney.
- {SCOPE}
  The scopes you added to your OAuth 2.0 application. For example, address email openid phone profile
The result resembles the following:

main.js

    await forgerock.Config.setAsync({
      serverConfig: {
        wellknown: 'https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration'
      },
      clientId: 'sdkPublicClient',
      tree: 'sdkUsernamePasswordJourney',
      scope: 'openid profile email address',
      redirectUri: `${window.location.origin}/callback.html`
    });
Create a .env file
- Copy the .env.example file in the /sdk-sample-apps/javascript/embedded-login folder and save it with the name .env within this same directory.

  Your .env file has the following initial contents:

  Initial .env file

    SERVER_URL=$SERVER_URL
    REALM_PATH=$REALM_PATH
    SCOPE=$SCOPE
    TIMEOUT=$TIMEOUT
    TREE=$TREE
    WEB_OAUTH_CLIENT=$WEB_OAUTH_CLIENT

- Replace the placeholder strings with the values you obtained when preparing your environment.
- $SERVER_URL
  The base URL of the server to connect to.
  Identity Cloud example: https://openam-forgerock-sdks.forgeblocks.com/am
  Self-hosted example: https://openam.example.com:8443/openam
- $REALM_PATH
  The realm in your server. Usually, root for AM and alpha or bravo for Advanced Identity Cloud.
- $SCOPE
  The scopes you added to your OAuth 2.0 application. For example, address email openid phone profile
- $TIMEOUT
  The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.
- $TREE
  The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.
- $WEB_OAUTH_CLIENT
  The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.
Here's an example; your values may vary:

    SERVER_URL=https://openam-forgerock-sdks.forgeblocks.com/am
    REALM_PATH=alpha
    SCOPE=openid profile email address
    TIMEOUT=5000
    TREE=sdkUsernamePasswordJourney
    WEB_OAUTH_CLIENT=sdkPublicClient
Here are descriptions for some of the values:
- TREE
  The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.
- REALM_PATH
  The realm of your server. Usually, root for AM and alpha or bravo for Advanced Identity Cloud.
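
As an added example (not part of the sample app or the SDK), the following script checks a .env file for unreplaced placeholders before you start the app, and derives the .well-known URL from SERVER_URL and REALM_PATH in the shape of the two example URLs on this page. The function names, the https check, and the openid scope check are assumptions of this example.

```javascript
// Added example, not part of the sample app. All function names are hypothetical.
const REQUIRED = ['SERVER_URL', 'REALM_PATH', 'SCOPE', 'TIMEOUT', 'TREE', 'WEB_OAUTH_CLIENT'];

// Parse KEY=VALUE lines. Values may contain spaces, as SCOPE does.
function parseEnv(text) {
  const env = {};
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(/^\s*([A-Z_][A-Z0-9_]*)\s*=\s*(.*?)\s*$/);
    if (m) env[m[1]] = m[2];
  }
  return env;
}

// Derive the discovery URL in the shape of the page's two examples:
// root -> /oauth2/realms/root, alpha -> /oauth2/realms/root/realms/alpha.
function wellKnownUrl(serverUrl, realmPath) {
  const subRealms = realmPath.split('/').filter((s) => s && s !== 'root');
  const realm = ['root', ...subRealms].join('/realms/');
  const base = serverUrl.replace(/\/+$/, '');
  return `${base}/oauth2/realms/${realm}/.well-known/openid-configuration`;
}

// Return a list of problems; an empty list means no check failed.
function checkEnv(text) {
  const env = parseEnv(text);
  const problems = [];
  for (const key of REQUIRED) {
    const value = env[key];
    if (!value) problems.push(`${key} is missing`);
    else if (/^(\$[A-Z_]+|\{[A-Z_]+\})$/.test(value)) {
      problems.push(`${key} still holds the placeholder ${value}`);
    }
  }
  if (problems.length > 0) return problems;
  let url;
  try { url = new URL(env.SERVER_URL); } catch { return ['SERVER_URL is not a valid URL']; }
  // Checks chosen for this example: TLS to the server, and the OIDC "openid" scope.
  if (url.protocol !== 'https:') problems.push('SERVER_URL does not use https');
  if (!env.SCOPE.split(/\s+/).includes('openid')) problems.push('SCOPE does not include openid');
  return problems;
}

// Constructed sample input, using the page's self-hosted example values.
const SAMPLE_ENV = [
  'SERVER_URL=https://openam.example.com:8443/openam', 'REALM_PATH=root',
  'SCOPE=openid profile email address', 'TIMEOUT=5000',
  'TREE=sdkUsernamePasswordJourney', 'WEB_OAUTH_CLIENT=sdkPublicClient',
].join('\n');
console.log(checkEnv(SAMPLE_ENV), wellKnownUrl('https://openam.example.com:8443/openam', 'root'));
```

The derived URL can be compared with the Discovery URI value shown in the admin console to confirm that both configuration styles point at the same realm.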