This application lets users register, sign in, and create OAuth service clients that can retrieve tokens from your Okta Authorization Servers and use those tokens to call custom APIs. It also uses OAuth for Okta APIs, so the application itself is tightly scoped: it can only create and delete these service applications. Try generating an OAuth client, then use Postman or any command-line tool to call the token endpoint in Okta (https://developer.okta.com/docs/reference/api/oidc/#token) via the client credentials flow.
npm install
Create a .env file and copy the keys from .env.sample. Do the same for /src/.config.js. Then go to your Okta tenant to get the client ID, issuer, org URL and API token.
touch .env
touch ./src/.config.js
If you don't already have an application configured in Okta, head to Applications > Create new App and specify "SPA" as the type. Remember to assign the app to yourself as well.
node O4OScript.js
This script creates the backend service client that generates O4O (OAuth for Okta) tokens, so that our developer dashboard can call the Okta Lifecycle APIs with properly scoped tokens (i.e. only allowing the app to create/read clients). To do so, we are:
- Generating a public/private RSA keypair and converting it into JWKs
- Registering a client with those JWKs using the private_key_jwt method of authentication, storing the O4O client ID in the .env file
- Using the apps/{appid}/grants API to grant that client access to manage applications (to mint new clients)
More documentation on that entire process here: https://developer.okta.com/docs/guides/implement-oauth-for-okta/overview/
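What a client registered this way presents at the token endpoint, as an added example (not code from O4OScript.js): it generates the keypair and public JWK, signs a private_key_jwt client assertion, and builds the client credentials request body. The function names, org URL, client ID and the `okta.apps.manage` scope are assumptions; `verifyAssertion` only mimics the authorization server's check locally, using nothing but the registered public JWK.

```javascript
// Added example, not the project's script. URLs, IDs and scope are placeholders.
const crypto = require('crypto');
const b64url = (v) => Buffer.from(v).toString('base64url');

// Step 1: RSA keypair; only the public half (as a JWK) is sent at registration.
function generateClientKey() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwk = publicKey.export({ format: 'jwk' });
  // kid = RFC 7638 thumbprint (required members in lexicographic order).
  const kid = crypto.createHash('sha256')
    .update(JSON.stringify({ e: jwk.e, kty: jwk.kty, n: jwk.n })).digest('base64url');
  return { privateKey, publicJwk: { ...jwk, kid, use: 'sig', alg: 'RS256' } };
}

// Step 2: client assertion. iss and sub are the client ID, aud is the token URL.
function buildClientAssertion({ clientId, tokenUrl, privateKey, kid, now = Math.floor(Date.now() / 1000) }) {
  const header = { alg: 'RS256', kid };
  const claims = {
    iss: clientId, sub: clientId, aud: tokenUrl,
    iat: now, exp: now + 300, jti: crypto.randomUUID(), // short-lived, single use
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(signingInput), privateKey); // RS256
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Step 3: form body for the client credentials grant. No client secret is sent.
function buildTokenRequest(assertion, scope) {
  return new URLSearchParams({
    grant_type: 'client_credentials',
    scope,
    client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    client_assertion: assertion,
  }).toString();
}

// Local stand-in for the server-side check: signature, algorithm, audience, expiry.
function verifyAssertion(jwt, publicJwk, tokenUrl, now = Math.floor(Date.now() / 1000)) {
  const [h, c, s] = jwt.split('.');
  const { kty, n, e } = publicJwk;
  const key = crypto.createPublicKey({ key: { kty, n, e }, format: 'jwk' });
  const sigOk = crypto.verify('sha256', Buffer.from(`${h}.${c}`), key, Buffer.from(s, 'base64url'));
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  const claims = JSON.parse(Buffer.from(c, 'base64url').toString());
  return sigOk && header.alg === 'RS256' && claims.aud === tokenUrl
    && claims.iss === claims.sub && claims.exp > now;
}
```

The private key never leaves the machine that generated it, which is why the generated .pem and .jwk files should stay out of version control.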
This script populates your .env file as well as local private keys for the project itself. If you need to run it again or start fresh, run the following script:
node O4OScriptDestroy.js
Which will do the following:
- Delete the .jwk and .pem files generated in the project directory, and clear the O4O_CLIENT_ID line from your .env file
- Remove the "DevDashboard-O4OClient" generated in your Okta tenant
npm run start