This tool is designed to test and enhance understanding of four distinct authentication flows using OAuth 2.0 and OpenID Connect within Okta. The authentication flows include:
- Code Grant with PKCE (browser)
- Code Grant with Client Secret (server)
- Code Grant with Client Secret and PKCE (server)
- Implicit (Legacy)
How you have configured your app within Okta will dictate which flow you will use (e.g., client-side or server-side authentication).
This repository consists of a React frontend and a very simple Node.js server with a single API route for obtaining your tokens when selecting a server-side authentication flow. You do not need to run the server if testing the "Code Grant with PKCE" flow. The implicit flow is not recommended but is included for educational purposes.
Navigate to the client directory and start the development server:

```
cd ./client
npm run dev
```

Your app will be running on:

http://localhost:5173/

Navigate to the server directory and start the development server:

```
cd ./server
npm run dev
```
Code Grant with PKCE (browser): This flow is intended for client-side authentication and does not require the server. It improves security by using Proof Key for Code Exchange (PKCE) in place of a client secret.
Code Grant with Client Secret (server): This flow is suitable for server-side authentication, where a client secret is used to authenticate the application to Okta.
Code Grant with Client Secret and PKCE (server): This flow combines the protections of both the client secret and PKCE, providing a robust server-side authentication mechanism.
Implicit (Legacy): The implicit flow is included for educational purposes only and is not recommended for production use because of its known security weaknesses. It is a client-side flow that does not require a client secret.
Ensure your Okta application is configured correctly for the desired authentication flow. This involves setting up the appropriate client ID, client secret, and redirect URIs in your Okta developer console.
If you have any suggestions or improvements, feel free to create an issue or submit a pull request.
This project is licensed under the MIT License.
Happy coding! If you encounter any issues or have questions, please open an issue on this repository.