A mono repo with multiple services and frontends, demonstrating how to perform authentication and authorization on different languages and frameworks with Crossid.
It let you:
- Protect APIs with OAuth2 access token, for Golang.
- Authenticate users at Crossid and consume the protected APIs, for React.
- One click/command deployment on DigitalOcean.
- Have a Crossid tenant, or sign up for free.
- Create a single page application
- api-go: see api-go/README.md.
- frontend-react: see frontend-react/README.md
- frontend-vue: see frontend-vue/README.md
Note: when creating the single page app, put a temporary URLs in Redirect URI and Logout URI until the app is deployed.
- Install doctl[https://github.com/digitalocean/doctl]
- Form the repo.
- Change env vars in
api.yamlsuch:REACT_APP_CID_TENANT_ID,REACT_APP_CID_CLIENT_ID,VUE_APP_CID_TENANT_ID,VUE_APP_CID_CLIENT_IDandISSUER_BASE_URL.
Then run:
doctl apps create --spec .do/app.yamlOnce app deployed, in DigitalOcean control pane, take a note of the app's public URL (references below as {public_url}).
Then, in Crossid admin's application page, set the following:
Login Redirect URIs:
- https://{public_url}/react/
- https://{public_url}/vue/callback
Logout redirect URIs:
- https://{public_url}/react/
- https://{public_url}/vue
Allowed CORS Origins:
- https://{public_url}*
Crossid can:
- Sign users in using various passwordless authentication factors (e.g., otp, fingerprint, etc...)
- Sign users in via social providers (e,g. Facebook) or enterprise providers (e.g., Azure)
- Multi factor authentication.
- Issue signed OAuth2 and Openid-Connect access tokens to protect API calls.
- Manage user profiles and access.
- Authenticate machines.