Skip to main content

Example Configuration

Here is an example configuration using the NodeJS library passport with the Authorization Code Flow. See the documentation of passport for further details.

Setup

Setup the issuer and configure your client. Get your Client ID from our sales team.

const taIssuer = await Issuer.discover('https://auth.trustedaccounts.org');

const client = new taIssuer.Client({
client_id: 'my_client',
client_secret: 'xxxxxxxxxxxxxxxxxxxxxxxxxxx',
redirect_uris: ['https://my.platform.com/callback'],
response_types: ['code']
});

The Button

Set up your Login with Trusted Button. For this, first create your authorization url and then link to it inside a custom button.

const code_verifier = generators.codeVerifier();
const code_challenge = generators.codeChallenge(code_verifier);

let authorizationUrl = client.authorizationUrl({
scope: 'openid offline',
resource: 'https://my.api.example.com/resource/32178',
code_challenge,
code_challenge_method: 'S256',
state: state
});

app.get('/', function (req, res) {
res.send('<a href="' + authorizationUrl + '">Login with Trusted</a>');
})

Callback

Handle the data you get from the redirect page after the user finished the login process. Use the code_verifier and state from the previous step to verify the response.

app.get('/callback', async function (req, res) {
const params = client.callbackParams(req);
const tokenSet = await client.callback('https://my.api.example.com/callback', params, { code_verifier, state });
const refresh_token = tokenSet.refresh_token;
})

Refresh Token

Refresh your Access Token using your Refresh Token. Read about our Token TTLs on the Installation Page.

const tokenSet = await client.refresh(refresh_token);