This repository contains a working example of a NestJS web app that requests resources from a third-party app within a trust domain using the xaa.dev testing site. Please read Make Secure App-to-App Connections Using Cross App Access for a detailed walkthrough.
Required tools
- Node.js LTS version (v22 or higher at the time of this post)
- Command-line terminal application
- A code editor/Integrated development environment (IDE), such as Visual Studio Code (VS Code)
- Git
To run this example, run the following commands:
git clone https://github.com/oktadev/okta-nestjs-xaa-requestor-example.git
cd okta-nestjs-xaa-requestor-example
npm ci
Register a client application that uses xaa.dev's Identity Provider (IdP) and resource app by following the instructions on the Client Registration page.
Duplicate the .env.example file and rename it to .env.
Save your CLIENT_ID, CLIENT_SECRET, RESOURCE_CLIENT_ID, and RESOURCE_CLIENT_SECRET as values within the .env file.
Double-check the URLs defined for the IdP, auth server, and todo resource server.
When running this app in GitHub Codespaces, you need to update the REDIRECT_URI in your .env file to use the Codespaces URL instead of localhost.
Automatic approach (recommended):
Run the following command to get the correct redirect URI:
npm run get-redirect-uri
This will output the appropriate URI: either the Codespace URL (if running in a Codespace) or the localhost URL (if running locally). Copy the output and set it in your .env file.
Manual approach:
Finding your Codespaces URL:
- Look at the URL in your browser while using the Codespace. It will be in the format:
https://<codespace-name>.app.github.dev
- Alternatively, find the Codespace name in the VS Code Remote indicator in the bottom-left corner
Update the REDIRECT_URI to:
REDIRECT_URI=https://<codespace-name>-3000.app.github.dev/auth/callback
Replace <codespace-name> with your actual Codespace name (for example: amusing-sniffle-w7g699).
Then, update the REDIRECT_URI in your client application registration on the xaa.dev site to match this new URL.
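A preflight check for the .env file described above, as an added example that is not part of this repository: it reports empty required values and a REDIRECT_URI that does not match the environment the app runs in. It assumes the CODESPACES and CODESPACE_NAME variables that GitHub Codespaces sets, and that the local callback is http://localhost:3000/auth/callback; the function names are hypothetical.

```javascript
// Added example: preflight check for the .env described above (not the repository's code).
const REQUIRED = ['CLIENT_ID', 'CLIENT_SECRET', 'RESOURCE_CLIENT_ID',
  'RESOURCE_CLIENT_SECRET', 'REDIRECT_URI'];

// Minimal KEY=VALUE parser: skips blank lines and comments, strips surrounding quotes.
function parseEnv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 1) continue;
    const key = line.slice(0, eq).trim();
    out[key] = line.slice(eq + 1).trim().replace(/^(['"])(.*)\1$/, '$2');
  }
  return out;
}

// Expected redirect URI. The Codespaces form is the one this README gives.
// Assumption: locally the callback is http://localhost:3000/auth/callback.
function expectedRedirectUri(procEnv) {
  if (procEnv.CODESPACES === 'true' && procEnv.CODESPACE_NAME) {
    return `https://${procEnv.CODESPACE_NAME}-3000.app.github.dev/auth/callback`;
  }
  return 'http://localhost:3000/auth/callback';
}

// Returns a list of human-readable problems; an empty list means the file looks usable.
function checkEnv(text, procEnv) {
  const env = parseEnv(text);
  const problems = REQUIRED.filter((k) => !env[k]).map((k) => `${k} is missing or empty`);
  const want = expectedRedirectUri(procEnv);
  if (env.REDIRECT_URI && env.REDIRECT_URI !== want) {
    problems.push(`REDIRECT_URI is ${env.REDIRECT_URI}, expected ${want}`);
  }
  return problems;
}

// Constructed sample: placeholder values, REDIRECT_URI still pointing at localhost.
const sample = [
  'CLIENT_ID=example-client-id',
  'CLIENT_SECRET=',
  'RESOURCE_CLIENT_ID=example-resource-id',
  'RESOURCE_CLIENT_SECRET="example-resource-secret"',
  'REDIRECT_URI=http://localhost:3000/auth/callback',
].join('\n');
console.log(checkEnv(sample, { CODESPACES: 'true', CODESPACE_NAME: 'amusing-sniffle-w7g699' }));
```

The same URI must also be registered for the client on the xaa.dev site, which this check cannot see.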
Serve the app
npm start
When the app starts, it will log the URL to navigate to in the console:
- GitHub Codespaces:
https://<codespace-name>-3000.app.github.dev
- Local development:
http://localhost:3000
Navigate to the URL shown in the console to view the app.
You'll see logging of the token exchange in the console and a list of todos in a side panel after authenticating.
This example uses the following OAuth specs and resources:
Please post any questions as comments on the blog post, or visit our Okta Developer Forums.
Apache 2.0, see LICENSE.