We recommend using a certified OpenId Connect client to interact with our OpenId Connect APIs.
The following code samples demonstrate how to use various OpenId Client libraries.
- Single Page App (SPA) - Implicit Flow - An example of a client side only implmentation using the Implicit Flow to authenticate users.
- Angular JS - Implicit Flow - An Angular 4 sample with guards to protect routes until the user is authenticated.
- Express + Passport - Authorization Code Flow - This example demonstrates the Authorization Flow using Express.js and an OpenId Connect Passport Strategy.
- Express + Passport - Authorization Code Flow with PKCE - Use Proof Key Code Exchange (PKCE) to remove the requirement of using a client_secret.
- Express - Resource Owner Password Grant - An example of using the Password Grant flow in a minimal Express.js app.
- OneLogin Official iOS Client - This client uses the Auth Code flow + PKCE and includes a code sample.
- OneLogin Official Android Client - This client uses the Auth Code flow + PKCE and includes a code sample.
- Dotnet Core 2.0 - Authorization Code Flow - This project is based on the default Dotnet MVC template with no authentication added and then adapted to use the OpenId Connect Authorization Code Flow.
- Spring - Authorization Code Flow - A Java Spring security sample which blocks access to all routes until the user is authenticated.