Ping SDKs

Step 3. Configure connection properties


In this step, you configure the sample app to connect to the authentication tree/journey you created when setting up your server configuration.

  1. Choose how you want to configure the sample app. You can either configure the sample by using dynamic configuration, or by create a .env file.

    • Dynamic configuration

    • Create a .env file

    1. Open the /sdk-sample-apps/javascript/embedded-login/src/main.js file.

    2. Replace the call to forgerock.Config.set() with the following code:

      await forgerock.Config.setAsync({
        serverConfig: {
          wellknown: '{WELL_KNOWN}'
        },
        clientId: '{WEB_OAUTH_CLIENT}',
        tree: '{TREE}',
        scope: '{SCOPE}',
        redirectUri: `${window.location.origin}/callback.html`
      });
    3. Replace the placeholder strings with the values you obtained when preparing your environment.

      {WELL_KNOWN}

      The .well-known endpoint of your server.

      PingOne Advanced Identity Cloud example:

      https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration

      How do I find my PingOne Advanced Identity Cloud .well-known URL?

      You can view the .well-known endpoint for an OAuth 2.0 client in the PingOne Advanced Identity Cloud admin console:

      1. Log in to your PingOne Advanced Identity Cloud administration console.

      2. Click Applications, and then select the OAuth 2.0 client you created earlier. For example, sdkPublicClient.

      3. On the Sign On tab, in the Client Credentials section, copy the Discovery URI value.

      PingAM example:

      https://openam.example.com:8443/openam/oauth2/realms/root/.well-known/openid-configuration

      {WEB_OAUTH_CLIENT}

      The client ID from your OAuth 2.0 application.

      For example, sdkPublicClient

      {TREE}

      The simple login journey or tree you created earlier.

      For example sdkUsernamePasswordJourney.

      {SCOPE}

      The scopes you added to your OAuth 2.0 application.

      For example, address email openid phone profile

      The result resembles the following:

      main.js
      await Config.setAsync({
        serverConfig: {
          wellknown: 'https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration'
        },
        clientId: 'sdkPublicClient',
        tree: 'sdkUsernamePasswordJourney',
        scope: 'openid profile email address',
        redirectUri: `${window.location.origin}/callback.html`
      });
    1. Copy the .env.example file in the /sdk-sample-apps/javascript/embedded-login folder and save it with the name .env within this same directory.

      Your .env file has the following initial contents:

      Initial .env file
      SERVER_URL=$SERVER_URL
      REALM_PATH=$REALM_PATH
      SCOPE=$SCOPE
      TIMEOUT=$TIMEOUT
      TREE=$TREE
      WEB_OAUTH_CLIENT=$WEB_OAUTH_CLIENT
    2. Replace the placeholder strings with the values you obtained when preparing your environment.

      $SERVER_URL

      The base URL of the server to connect to.

      Identity Cloud example:

      https://openam-forgerock-sdks.forgeblocks.com/am

      Self-hosted example:

      https://openam.example.com:8443/openam

      $REALM_PATH

      The realm in your server.

      Usually, root for AM and alpha or bravo for Advanced Identity Cloud.

      $SCOPE

      The scopes you added to your OAuth 2.0 application.

      For example, address email openid phone profile

      $TIMEOUT

      The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.

      $TREE

      The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.

      $WEB_OAUTH_CLIENT

      The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.

      Here’s an example; your values may vary:

      AM_URL=https://openam-forgerock-sdks.forgeblocks.com/am
      REALM_PATH=alpha
      SCOPE=openid profile email address
      TIMEOUT=5000
      TREE=sdkUsernamePasswordJourney
      WEB_OAUTH_CLIENT=sdkPublicClient

      Here are descriptions for some of the values:

      TREE

      The simple login journey or tree you created earlier, for example sdkUsernamePasswordJourney.

      REALM_PATH

      The realm of your server.

      Usually, root for AM and alpha or bravo for Advanced Identity Cloud.