Quick JavaScript Authentication with OktaDev Schematics

OktaDev Schematics is a tool I developed to help streamline the integration of OpenID Connect into JavaScript (or TypeScript) applications.

In my first few years at Okta, I’d demo how to use our Angular SDK at conferences, and I’d inevitably miss a step, causing the demo to fail. A failing demo is frustrating, so I created OktaDev Schematics to fix it.

My idea was simple:

The project builds on Angular Schematics, so it’s incredibly easy to use, particularly in Angular projects, but applies to other frameworks as well.

This command will prompt you for an issuer and client ID, and then OktaDev Schematics will configure your app to use them. If you’re using the Auth0 CLI, you’ll need to create a Single-Page Application (SPA) app to get these values.

In the latest release, I’ve made it so that adding an --auth0 flag will set up your project to use Auth0 instead of Okta.

If you’re using Angular or Ionic with Angular, you can create an app and then add OIDC authentication in just two commands!

My Add OpenID Connect to Angular Apps Quickly tutorial explains what this command does and shows screenshots of the changes. You can even view the changes it makes on GitHub.

The tool is smart enough to detect the framework you’re using and if you’re using TypeScript or JavaScript.

If you want to create a React or Vue app, you’ll need to perform a few steps:

As you can guess, the integration is pretty bare-bones. It configures the SDK and adds a login/logout button. I believe this is in line with the apps each CLI generates. They’re pretty bare-bones too!

If you’d like to see how the templates differ between Okta and Auth0, you can view the templates on GitHub. If you have a GitHub account, you can also launch github.dev/oktadev/schematics and navigate to src/add-auth/{auth0,okta}.

There’s a wealth of popular frameworks currently supported by OktaDev Schematics:

See the project’s links section if you want to learn more about Okta or Auth0’s SDKs.

The support for Ionic currently only includes Angular. However, Ionic does support React and Vue too. To make OIDC authentication work, I leveraged Ionic AppAuth. One cool thing about this library is it has React and Vue examples available. I recently updated these to work with Capacitor 4.

To avoid situations where a framework integration would fail in public, like the story I told before, I made sure the library is well tested, limiting the scope of the tests not only to the library code, but also to cover the workflow and generated code bases, e.g.:

These commands are all encapsulated in a test-app.sh script I wrote. It’s kinda ugly and can probably be improved, but it works pretty well for now.

If nothing else, this script shows you how to automate creating apps with framework CLIs for continuous integration. The project’s Apps workflow shows how all these frameworks are tested in a matrix.

You might notice that all the CLIs are installed without a version number:

This is done on purpose, so these templates are continuously tested against the latest release. There’s a Nightly worflow that ensures nothing breaks every evening. Dependabot is also configured to keep the project’s dependencies and SDK versions up-to-date.

When framework or libraries introduce changes, sometimes things break. But now, thanks to automated tests, I often find problems as soon as new versions are released. Cheers to continuous integration! 😃

If you liked learning about schematics, you might enjoy these other posts I wrote.

If you’re on social media, follow Auth0: { Twitter, LinkedIn, Facebook }. If you like learning via video, subscribe to the OktaDev YouTube channel!