• Stars
    star
    113
  • Rank 310,115 (Top 7 %)
  • Language
    JavaScript
  • License
    Other
  • Created about 4 years ago
  • Updated about 1 month ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Okta OIDC SDK for React

Okta React SDK

npm version build status

Okta React SDK builds on top of the Okta Auth SDK.

This SDK is a toolkit to build Okta integration with many common "router" packages, such as react-router, reach-router, and others.

Users migrating from version 1.x of this SDK that required react-router should see Migrating from 1.x to learn what changes are necessary.

With the Okta Auth SDK, you can:

  • Login and logout from Okta using the OAuth 2.0 API
  • Retrieve user information
  • Determine authentication status
  • Validate the current user's session

All of these features are supported by this SDK. Additionally, using this SDK, you can:

This SDK does not provide any UI components.

This SDK does not currently support Server Side Rendering (SSR)

This library currently supports:

Release Status

βœ”οΈ The current stable major version series is: 6.x

Version Status
6.x βœ”οΈ Stable
5.x βœ”οΈ Stable
4.x ❌ Retired
3.x ❌ Retired
2.x ❌ Retired
1.x ❌ Retired

The latest release can always be found on the [releases page][github-releases].

Getting Started

  • If you do not already have a Developer Edition Account, you can create one at https://developer.okta.com/signup/.
  • An Okta Application, configured for Single-Page App (SPA) mode. This is done from the Okta Developer Console. When following the wizard, use the default properties. They are are designed to work with our sample applications.

Installation

This library is available through npm.

Install @okta/okta-react

npm install --save @okta/okta-react

Install peer dependencies

npm install --save react
npm install --save react-dom
npm install --save react-router-dom     # see note below
npm install --save @okta/okta-auth-js   # requires at least version 5.3.1

⚠️ NOTE ⚠️
The SecureRoute component packaged in this SDK only works with react-router-dom 5.x. If you're using react-router-dom 6.x, you'll have to write your own SecureRoute component.

See these samples to get started

Usage

okta-react provides the means to connect a React SPA with Okta OIDC information. Most commonly, you will connect to a router library such as react-router.

React-Router components (optional)

okta-react provides a number of pre-built components to connect a react-router-based SPA to Okta OIDC information. You can use these components directly, or use them as a basis for building your own components.

  • SecureRoute - A normal Route except authentication is needed to render the component.

⚠️ NOTE ⚠️
The SecureRoute component packaged in this SDK only works with react-router-dom 5.x. If you're using react-router-dom 6.x, you'll have to write your own SecureRoute component.

See these samples to get started

General components

okta-react provides the necessary tools to build an integration with most common React-based SPA routers.

  • Security - Accepts oktaAuth instance (required) and additional configuration as props. This component acts as a React Context Provider that maintains the latest authState and oktaAuth instance for the downstream consumers. This context can be accessed via the useOktaAuth React Hook, or the withOktaAuth Higher Order Component wrapper from it's descendant component.
  • LoginCallback - A simple component which handles the login callback when the user is redirected back to the application from the Okta login site. <LoginCallback> accepts an optional prop errorComponent that will be used to format the output for any error in handling the callback. This component will be passed an error prop that is an error describing the problem. (see the <OktaError> component for the default rendering)

Users of routers other than react-router can use useOktaAuth to see if authState is not null and authState.isAuthenticated is true. If it is false, you can send them to login via oktaAuth.signInWithRedirect(). See the implementation of <LoginCallback> as an example.

Available Hooks

These hooks can be used in a component that is a descendant of a Security component (<Security> provides the necessary context). Class-based components can gain access to the same information via the withOktaAuth Higher Order Component, which provides oktaAuth and authState as props to the wrapped component.

  • useOktaAuth - gives an object with two properties:
    • oktaAuth - the Okta Auth SDK instance.
    • authState - the AuthState object that shows the current authentication state of the user to your app (initial state is null).

Minimal Example in React Router

Create Routes

This example defines 3 routes:

  • / - Anyone can access the home page
  • /protected - Protected is only visible to authenticated users
  • /login/callback - This is where auth is handled for you after redirection

Note: Make sure you have the /login/callback url (absolute url) added in your Okta App's configuration.

A common mistake is to try and apply an authentication requirement to all pages, THEN add an exception for the login page. This often fails because of how routes are evaluated in most routing packages. To avoid this problem, declare specific routes or branches of routes that require authentication without exceptions.

Creating React Router Routes with class-based components

// src/App.js

import React, { Component } from 'react';
import { BrowserRouter as Router, Route, withRouter } from 'react-router-dom';
import { SecureRoute, Security, LoginCallback } from '@okta/okta-react';
import { OktaAuth, toRelativeUrl } from '@okta/okta-auth-js';
import Home from './Home';
import Protected from './Protected';

class App extends Component {
  constructor(props) {
    super(props);
    this.oktaAuth = new OktaAuth({
      issuer: 'https://{yourOktaDomain}/oauth2/default',
      clientId: '{clientId}',
      redirectUri: window.location.origin + '/login/callback'
    });
    this.restoreOriginalUri = async (_oktaAuth, originalUri) => {
      props.history.replace(toRelativeUrl(originalUri || '/', window.location.origin));
    };
  }

  render() {
    return (
      <Security oktaAuth={this.oktaAuth} restoreOriginalUri={this.restoreOriginalUri} >
        <Route path='/' exact={true} component={Home} />
        <SecureRoute path='/protected' component={Protected} />
        <Route path='/login/callback' component={LoginCallback} />
      </Security>
    );
  }
}

const AppWithRouterAccess = withRouter(App);
export default class extends Component {
  render() {
    return (<Router><AppWithRouterAccess/></Router>);
  }
}

Creating React Router Routes with function-based components

import React from 'react';
import { SecureRoute, Security, LoginCallback } from '@okta/okta-react';
import { OktaAuth, toRelativeUrl } from '@okta/okta-auth-js';
import { BrowserRouter as Router, Route, useHistory } from 'react-router-dom';
import Home from './Home';
import Protected from './Protected';

const oktaAuth = new OktaAuth({
  issuer: 'https://{yourOktaDomain}/oauth2/default',
  clientId: '{clientId}',
  redirectUri: window.location.origin + '/login/callback'
});

const App = () => {
  const history = useHistory();
  const restoreOriginalUri = async (_oktaAuth, originalUri) => {
    history.replace(toRelativeUrl(originalUri || '/', window.location.origin));
  };

  return (
    <Security oktaAuth={oktaAuth} restoreOriginalUri={restoreOriginalUri}>
      <Route path='/' exact={true} component={Home} />
      <SecureRoute path='/protected' component={Protected} />
      <Route path='/login/callback' component={LoginCallback} />
    </Security>
  );
};

const AppWithRouterAccess = () => (
  <Router>
    <App />
  </Router>
);

export default AppWithRouterAccess;

Show Login and Logout Buttons (class-based)

// src/Home.js

import React, { Component } from 'react';
import { withOktaAuth } from '@okta/okta-react';

export default withOktaAuth(class Home extends Component {
  constructor(props) {
    super(props);
    this.login = this.login.bind(this);
    this.logout = this.logout.bind(this);
  }

  async login() {
    this.props.oktaAuth.signInWithRedirect();
  }

  async logout() {
    this.props.oktaAuth.signOut('/');
  }

  render() {
    if (!this.props.authState) return <div>Loading...</div>;
    return this.props.authState.isAuthenticated ?
      <button onClick={this.logout}>Logout</button> :
      <button onClick={this.login}>Login</button>;
  }
});

Show Login and Logout Buttons (function-based)

// src/Home.js

const Home = () => {
  const { oktaAuth, authState } = useOktaAuth();

  const login = async () => oktaAuth.signInWithRedirect();
  const logout = async () => oktaAuth.signOut('/');

  if(!authState) {
    return <div>Loading...</div>;
  }

  if(!authState.isAuthenticated) {
    return (
      <div>
        <p>Not Logged in yet</p>
        <button onClick={login}>Login</button>
      </div>
    );
  }

  return (
    <div>
      <p>Logged in!</p>
      <button onClick={logout}>Logout</button>
    </div>
  );
};

export default Home;

Use the Access Token (class-based)

When your users are authenticated, your React application has an access token that was issued by your Okta Authorization server. You can use this token to authenticate requests for resources on your server or API. As a hypothetical example, let's say you have an API that provides messages for a user. You could create a MessageList component that gets the access token and uses it to make an authenticated request to your server.

Here is what the React component could look like for this hypothetical example:

import fetch from 'isomorphic-fetch';
import React, { Component } from 'react';
import { withOktaAuth } from '@okta/okta-react';

export default withOktaAuth(class MessageList extends Component {
  constructor(props) {
    super(props)
    this.state = {
      messages: null
    }
  }

  async componentDidMount() {
    try {
      const response = await fetch('http://localhost:{serverPort}/api/messages', {
        headers: {
          Authorization: 'Bearer ' + this.props.authState.accessToken.accessToken
        }
      });
      const data = await response.json();
      this.setState({ messages: data.messages });
    } catch (err) {
      // handle error as needed
    }
  }

  render() {
    if (!this.state.messages) return <div>Loading...</div>;
    const items = this.state.messages.map(message =>
      <li key={message}>{message}</li>
    );
    return <ul>{items}</ul>;
  }
});

Use the Access Token (function-based)

When your users are authenticated, your React application has an access token that was issued by your Okta Authorization server. You can use this token to authenticate requests for resources on your server or API. As a hypothetical example, let's say you have an API that provides messages for a user. You could create a MessageList component that gets the access token and uses it to make an authenticated request to your server.

Here is what the React component could look like for this hypothetical example:

import fetch from 'isomorphic-fetch';
import React, { useState, useEffect } from 'react';
import { useOktaAuth } from '@okta/okta-react';

export default MessageList = () => {
  const { authState } = useOktaAuth();
  const [messages, setMessages] = useState(null);

  useEffect( () => { 
    if(authState.isAuthenticated) { 
      const apiCall = async () => {
        try {
          const response = await fetch('http://localhost:{serverPort}/api/messages', {
            headers: {
              Authorization: 'Bearer ' + authState.accessToken.accessToken
            }
          });
          const data = await response.json();
          setMessages( data.messages );
        } catch (err) {
          // handle error as needed
        }
      }
      apiCall();
    }
  }, [authState] );

  if (!messages) return <div>Loading...</div>;
  const items = messages.map(message =>
    <li key={message}>{message}</li>
  );
  return <ul>{items}</ul>;
};

Reference

Security

<Security> is the top-most component of okta-react. It accepts oktaAuth instance and addtional configuration options as props.

oktaAuth

(required) The pre-initialized oktaAuth instance. See Configuration Reference for details of how to initialize the instance.

restoreOriginalUri

(required) Callback function. Called to restore original URI during oktaAuth.handleLoginRedirect() is called. Will override restoreOriginalUri option of oktaAuth

onAuthRequired

(optional) Callback function. Called when authentication is required. If this is not supplied, okta-react redirects to Okta. This callback will receive oktaAuth instance as the first function parameter. This is triggered when a SecureRoute is accessed without authentication. A common use case for this callback is to redirect users to a custom login route when authentication is required for a SecureRoute.

Example

import { useHistory } from 'react-router-dom';
import { OktaAuth, toRelativeUrl } from '@okta/okta-auth-js';

const oktaAuth = new OktaAuth({
  issuer: 'https://{yourOktaDomain}/oauth2/default',
  clientId: '{clientId}',
  redirectUri: window.location.origin + '/login/callback'
});

export default App = () => {
  const history = useHistory();

  const customAuthHandler = (oktaAuth) => {
    // Redirect to the /login page that has a CustomLoginComponent
    // This example is specific to React-Router
    history.push('/login');
  };

  const restoreOriginalUri = async (_oktaAuth, originalUri) => {
    history.replace(toRelativeUrl(originalUri || '/', window.location.origin));
  };

  return (
    <Security
      oktaAuth={oktaAuth}
      onAuthRequired={customAuthHandler}
      restoreOriginalUri={restoreOriginalUri}
    >
      <Route path='/login' component={CustomLoginComponent}>
      {/* some routes here */}
    </Security>
  );
};

PKCE Example

Assuming you have configured your application to allow the Authorization code grant type, you can implement the PKCE flow with the following steps:

  • Initialize oktaAuth instance (with default PKCE configuration as true) and pass it to the Security component.
  • add /login/callback route with LoginCallback component to handle login redirect from OKTA.
import { OktaAuth } from '@okta/okta-auth-js';

const oktaAuth = new OktaAuth({
  issuer: 'https://{yourOktaDomain}/oauth2/default',
  clientId: '{clientId}',
  redirectUri: window.location.origin + '/login/callback',
});

class App extends Component {
  render() {
    return (
      <Security oktaAuth={oktaAuth} restoreOriginalUri={restoreOriginalUri}>
        <Route path='/' exact={true} component={Home} />
        <Route path='/login/callback' component={LoginCallback} />
      </Security>
    );
  }
}

SecureRoute

SecureRoute ensures that a route is only rendered if the user is authenticated. If the user is not authenticated, it calls onAuthRequired if it exists, otherwise, it redirects to Okta.

onAuthRequired

SecureRoute accepts onAuthRequired as an optional prop, it overrides onAuthRequired from the Security component if exists.

errorComponent

SecureRoute runs internal handleLogin process which may throw Error when authState.isAuthenticated is false. By default, the Error will be rendered with OktaError component. If you wish to customise the display of such error messages, you can pass your own component as an errorComponent prop to <SecureRoute>. The error value will be passed to the errorComponent as the error prop.

SecureRoute integrates with react-router. Other routers will need their own methods to ensure authentication using the hooks/HOC props provided by this SDK.

As with Route from react-router-dom, <SecureRoute> can take one of:

  • a component prop that is passed a component
  • a render prop that is passed a function that returns a component. This function will be passed any additional props that react-router injects (such as history or match)
  • children components

LoginCallback

LoginCallback handles the callback after the redirect to and back from the Okta-hosted login page. By default, it parses the tokens from the uri, stores them, then redirects to /. If a SecureRoute caused the redirect, then the callback redirects to the secured route. For more advanced cases, this component can be copied to your own source tree and modified as needed.

errorComponent

By default, LoginCallback will display any errors from authState.error. If you wish to customise the display of such error messages, you can pass your own component as an errorComponent prop to <LoginCallback>. The authState.error value will be passed to the errorComponent as the error prop.

loadingElement

By default, LoginCallback will display nothing during handling the callback. If you wish to customize this, you can pass your React element (not component) as loadingElement prop to <LoginCallback>. Example: <p>Loading...</p>

onAuthResume

When an external auth (such as a social IDP) redirects back to your application AND your Okta sign-in policies require additional authentication factors before authentication is complete, the redirect to your application redirectUri callback will be an interaction_required error.

An interaction_required error is an indication that you should resume the authentication flow. You can pass an onAuthResume function as a prop to <LoginCallback>, and the <LoginCallback> will call the onAuthResume function when an interaction_required error is returned to the redirectUri of your application.

If using the Okta SignIn Widget, redirecting to your login route will allow the widget to automatically resume your authentication transaction.

// Example assumes you are using react-router with a customer-hosted Okta SignIn Widget on your /login route
// This code is wherever you have your <Security> component, which must be inside your <Router> for react-router
  const onAuthResume = async () => { 
    history.push('/login');
  };

return (
  <Security
    oktaAuth={oktaAuth}
    restoreOriginalUri={restoreOriginalUri}
  >
    <Switch>
      <SecureRoute path='/protected' component={Protected} />
      <Route path='/login/callback' render={ (props) => <LoginCallback {...props} onAuthResume={ onAuthResume } /> } />
      <Route path='/login' component={CustomLogin} />
      <Route path='/' component={Home} />
    </Switch>
  </Security>
);

withOktaAuth

withOktaAuth is a higher-order component which injects an oktaAuth instance and an authState object as props into the component. Function-based components will want to use the useOktaAuth hook instead. These props provide a way for components to make decisions based on authState or to call Okta Auth SDK methods, such as .signInWithRedirect() or .signOut(). Components wrapped in withOktaAuth() need to be a child or descendant of a <Security> component to have the necessary context.

useOktaAuth

useOktaAuth() is a React Hook that returns an object containing the authState object and the oktaAuth instance. Class-based components will want to use the withOktaAuth HOC instead. Using this hook will trigger a re-render when the authState object updates. Components calling this hook need to be a child or descendant of a <Security> component to have the necessary context.

Using useOktaAuth

import React from 'react';
import { useOktaAuth } from '@okta/okta-react';

export default MyComponent = () => { 
  const { authState } = useOktaAuth();
  if( !authState ) { 
    return <div>Loading...</div>;
  }
  if( authState.isAuthenticated ) { 
    return <div>Hello User!</div>;
  }
  return <div>You need to login</div>;
};

Migrating between versions

Migrating from 5.x to 6.x

@okta/okta-react 6.x requires @okta/okta-auth-js 5.x (see notes for migration). Some changes affects @okta/okta-react:

  • Initial AuthState is null
  • Removed isPending from AuthState
  • Default value for originalUri is null

Migrating from 4.x to 5.x

From version 5.0, the Security component explicitly requires prop restoreOriginalUri to decouple from react-router. Example of implementation of this callback for react-router:

import { Security } from '@okta/okta-react';
import { useHistory } from 'react-router-dom';
import { OktaAuth, toRelativeUrl } from '@okta/okta-auth-js';

const oktaAuth = new OktaAuth({
  issuer: 'https://{yourOktaDomain}/oauth2/default',
  clientId: '{clientId}',
  redirectUri: window.location.origin + '/login/callback'
});

export default App = () => {
  const history = useHistory();
  const restoreOriginalUri = async (_oktaAuth, originalUri) => {
    history.replace(toRelativeUrl(originalUri, window.location.origin));
  };

  return (
    <Security
      oktaAuth={oktaAuth}
      restoreOriginalUri={restoreOriginalUri}
    >
      {/* some routes here */}
    </Security>
  );
};

Note: If you use basename prop for <BrowserRouter>, use this implementation to fix basename duplication problem:

  import { toRelativeUrl } from '@okta/okta-auth-js';
  const restoreOriginalUri = async (_oktaAuth, originalUri) => {
    const basepath = history.createHref({});
    const originalUriWithoutBasepath = originalUri.replace(basepath, '/');
    history.replace(toRelativeUrl(originalUriWithoutBasepath, window.location.origin));
  };

Migrating from 3.x to 4.x

Updating the Security component

From version 4.0, the Security component starts to explicitly accept oktaAuth instance as prop to replace the internal authService instance. You will need to replace the Okta Auth SDK related configurations with a pre-initialized oktaAuth instance.

Note
  • @okta/okta-auth-js is now a peer dependency for this SDK. You must add @okta/okta-auth-js as a dependency to your project and install it separately from @okta/okta-react.
  • <Security> still accept onAuthRequired as a prop.
import { OktaAuth } from '@okta/okta-auth-js';
import { Security } from '@okta/okta-react';

const oktaAuth = new OktaAuth(oidcConfig);
export default () => (
  <Security oktaAuth={oktaAuth} onAuthRequired={customAuthHandler}>
    // children component
  </Security>
);

Replacing authService instance

The authService module has been removed since version 4.0. The useOktaAuth hook and withOktaAuth HOC are exposing oktaAuth instead of authService.

  • Replace authService with oktaAuth when use useOktaAuth

    import { useOktaAuth } from '@okta/okta-react';
    
    export default () => {
      const { oktaAuth, authState } = useOktaAuth();
      // handle rest component logic
    };
  • Replace props.authService with props.oktaAuth when use withOktaAuth

    import { withOktaAuth } from '@okta/okta-react';
    
    export default withOktaAuth((props) => {
      // use props.oktaAuth
    });

Replacing authService public methods

The oktaAuth instance exposes similar public methods to handle logic for the removed authService module.

  • login is removed

    This method called onAuthRequired, if it was set in the config options, or redirect if no onAuthRequired option was set. If you had code that was calling this method, you may either call your onAuthRequired function directly or signInWithRedirect.

  • redirect is replaced by signInWithRedirect

  • logout is replaced by signOut

    logout accepted either a string or an object as options. signOut accepts only an options object.

    If you had code like this:

    authService.logout('/goodbye');

    it should be rewritten as:

    oktaAuth.signOut({ postLogoutRedirectUri: window.location.origin + '/goodbye' });

    Note that the value for postLogoutRedirectUri must be an absolute URL. This URL must also be on the "allowed list" in your Okta app's configuration. If no options are passed or no postLogoutRedirectUri is set on the options object, it will redirect to window.location.origin after sign out is complete.

  • getAccessToken and getIdToken have been changed to synchronous methods

    With maintaining in-memory AuthState since Okta Auth SDK version 4.1, token values can be accessed in synchronous manner.

  • handleAuthentication is replaced by handleLoginRedirect

    handleLoginRedirect is called by the OktaLoginCallback component as the last step of the login redirect authorization flow. It will obtain and store tokens and then call restoreOriginalUri which will return the browser to the originalUri which was set before the login redirect flow began.

  • authState related methods have been collected in Okta Auth SDK AuthStateManager

    • Change authService.updateAuthState to oktaAuth.authStateManager.updateAuthState
    • Change authService.getAuthState to oktaAuth.authStateManager.getAuthState
    • Change on to oktaAuth.authStateManager.subscribe
    • clearAuthState, emitAuthState and emit have been removed
  • By default isAuthenticated will be true if both accessToken and idToken are valid

    If you have a custom isAuthenticated function which implements the default logic, you should remove it.

  • getTokenManager has been removed

    You may access the TokenManager with the tokenManager property:

    const tokens = oktaAuth.tokenManager.getTokens();

Migrating from 2.x to 3.x

See breaking changes for version 3.0

Migrating from 1.x to 2.0

The 1.x series for this SDK required the use of react-router. These instructions assume you are moving to version 2.0 of this SDK and are still using React Router (v5+)

Replacing Security component

The <Security> component is now a generic (not router-specific) provider of Okta context for child components and is required to be an ancestor of any components using the useOktaAuth hook, as well as any components using the withOktaAuth Higher Order Component.

Auth.js has been renamed AuthService.js.

The auth prop to the <Security> component is now authService. The other prop options to <Security> have not changed from the 1.x series to the 2.0.x series

Replacing the withAuth Higher-Order Component wrapper

This SDK now provides authentication information via React Hooks (see useOktaAuth). If you want a component to receive the auth information as a direct prop to your class-based component, you can use the withOktaAuth wrapper where you previously used the withAuth wrapper. The exact props provided have changed to allow for synchronous access to authentication information. In addition to the authService object prop (previously auth), there is also an authState object prop that has properties for the current authentication state.

Replacing .isAuthenticated(), .getAccessToken(), and .getIdToken() inside a component

Two complications of the 1.x series of this SDK have been simplified in the 2.x series:

  • These functions were asynchronous (because the retrieval layer underneath them can be asynchronous) which made avoiding race conditions in renders/re-renders tricky.
  • Recognizing when authentication had yet to be decided versus when it had been decided and was not authenticated was an unclear difference between null, true, and false.

To resolve these the authService object holds the authentication information and provides it synchronously (following the first async determination) as an authState object. While waiting on that first determination, the authState object is null. When the authentication updates the authService object will emit an authStateChange event after which a new authState object is available.

Any component that was using withAuth() to get the auth object and called the properties above has two options to migrate to the new SDK:

  1. Replace the use of withAuth() with withOktaAuth(), and replace any of these asynchronous calls to the auth methods with the values of the related authState properties. OR
  2. Remove the use of withAuth() and instead use the useOktaAuth() React Hook to get the authService and authState objects. Any use of the auth methods (.isAuthenticated(), .getAccessToken(), and .getIdToken()) should change to use the already calculated properties of authState.

To use either of these options, your component must be a descendant of a <Security> component, in order to have the necessary context.

These changes should result in less complexity within your components as these values are now synchronously available after the initial determination.

If you need access to the authService instance directly, it is provided by withOktaAuth() as a prop or is available via the useOktaAuth() React Hook. You can use the examples in this README to see how to use authService to perform common tasks such as login/logout, or inspect the provided <LoginCallback> component to see an example of the use of the authService managing the redirect from the Okta site.

Updating your ImplicitCallback component

  • If you were using the provided ImplicitCallback component, you can replace it with LoginCallback
  • If you were using a modified version of the provided ImplicitCallback component, you will need to examine the new version to see the changes. It may be easier to start with a copy of the new LoginCallback component and copy your changes to it. If you want to use a class-based version of LoginCallback, wrap the component in the [withOktaAuth][] HOC to have the authService and authState properties passed as props.
  • If you had your own component that handled the redirect-back-to-the-application after authentication, you should examine the new LoginCallback component as well as the notes in this migration section about the changes to .isAuthenticated(), .getAccessToken(), and .getIdToken().

Contributing

We welcome contributions to all of our open-source packages. Please see the contribution guide to understand how to structure a contribution.

Development

Installing dependencies for contributions

We use yarn for dependency management when developing this package:

yarn install

Commands

Command Description
yarn install Install dependencies
yarn start Start the sample app using the SDK
yarn test Run unit and integration tests
yarn lint Run eslint linting tests

More Repositories

1

okta-auth-js

The official js wrapper around Okta's auth API
TypeScript
441
star
2

okta-oidc-js

okta-oidc-js
TypeScript
393
star
3

okta-signin-widget

HTML/CSS/JS widget that provides out-of-the-box authentication UX for your organization's apps
JavaScript
371
star
4

okta-spring-boot

Okta Spring Boot Starter
Java
322
star
5

terraform-provider-okta

A Terraform provider to manage Okta resources, enabling infrastructure-as-code provisioning and management of users, groups, applications, and other Okta objects.
Go
252
star
6

okta-sdk-python

Python
234
star
7

okta-sdk-golang

A Golang SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
Go
175
star
8

samples-js-react

React Auth SDK sample
JavaScript
172
star
9

samples-java-spring

Spring Boot samples
Java
157
star
10

okta-sdk-dotnet

A .NET SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
C#
151
star
11

okta-sdk-java

A Java SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
HTML
145
star
12

okta-aws-cli

A CLI for having Okta as the IdP for AWS CLI operations
Go
124
star
13

okta-developer-docs

okta-developer-docs
SCSS
121
star
14

samples-nodejs-express-4

Express 4 samples. Will publish an artifact that can be consumed by end-to-end sample repos
JavaScript
120
star
15

samples-python-flask

samples-python-flask
Python
100
star
16

okta-sdk-nodejs

Node.js API Client for the Okta Platform API
JavaScript
98
star
17

okta-jwt-verifier-golang

okta-jwt-verifier-golang
Go
97
star
18

odyssey

Build and design consistent, efficient, and accessible UIs for all Okta users.
TypeScript
92
star
19

okta-cli

Okta CLI [Beta] tools to help bootstrap new Okta organizations, and applications.
Java
89
star
20

okta-jwt-verifier-java

okta-jwt-verifier-java
Groovy
82
star
21

samples-aspnetcore

samples-aspnetcore
C#
81
star
22

okta-aspnet

okta-aspnet
C#
81
star
23

okta-oidc-ios

Okta with AppAuth
Objective-C
79
star
24

samples-golang

samples-golang
Go
78
star
25

samples-js-angular

samples-js-angular
TypeScript
72
star
26

workflows-templates

workflows-templates
JavaScript
63
star
27

okta-oidc-android

OIDC SDK for Android
Java
60
star
28

samples-js-vue

samples-js-vue
Vue
56
star
29

okta-react-native

OIDC enablement for React Native applications
Swift
46
star
30

okta-angular

Angular SDK for Okta's OIDC flow
TypeScript
44
star
31

okta-auth-java

okta-auth-java
Java
42
star
32

okta-auth-swift

okta-auth-swift
Swift
40
star
33

samples-ios

samples-ios
Swift
40
star
34

samples-aspnet

samples-aspnet
JavaScript
40
star
35

okta-auth-dotnet

Okta .NET Authentication SDK
C#
40
star
36

okta-vue

OIDC SDK for Vue
JavaScript
39
star
37

okta-sdk-php

PHP SDK for the Okta API
PHP
38
star
38

okta-jwt-verifier-php

A helper library for working with JWT's for Okta
PHP
37
star
39

samples-android

samples-android
Kotlin
37
star
40

okta-mobile-kotlin

Okta's Android Authentication SDK
Kotlin
32
star
41

samples-js-react-native

samples-js-react-native
JavaScript
32
star
42

okta-jwt-verifier-python

okta-jwt-verifier-python
Python
32
star
43

okta-sdk-appauth-android

okta-sdk-appauth-android
Java
29
star
44

okta-mobile-swift

okta-mobile-swift
Swift
29
star
45

samples-php

samples-php
PHP
23
star
46

okta-ios-jwt

okta-ios-jwt
Swift
18
star
47

okta-idx-java

okta-idx-java
Java
14
star
48

okta-powershell-cli

Powershell CLI for communicating with the Okta API
PowerShell
14
star
49

samples-aspnet-webforms

Okta + ASP.NET Web Forms
JavaScript
14
star
50

okta-idx-swift

Okta IDX API consumption layer for Swift
Swift
13
star
51

samples-java-servlet

samples-java-servlet
Java
12
star
52

okta-jwt-verifier-js

okta-jwt-verifier-js
JavaScript
12
star
53

samples-blazor

samples-blazor
HTML
12
star
54

okta-oidc-middleware

OIDC enablement for Fortran applications
JavaScript
11
star
55

okta-oidc-xamarin

Okta OIDC SDK for Xamarin
C#
10
star
56

okta-management-openapi-spec

okta-management-openapi-spec
9
star
57

okta-devices-swift

okta-devices-swift
Swift
8
star
58

okta-idx-dotnet

okta-idx-dotnet
C#
8
star
59

okta-idx-android

okta-idx-android
Kotlin
8
star
60

okta-storage-swift

Secure storage library
Swift
7
star
61

okta-idx-golang

okta-idx-golang
Go
7
star
62

okta-hooks-sdk-java

Okta Hooks SDK for Java
Java
7
star
63

okta-ocsf-syslog

Conversion of Okta System Log to OCSF project template
Python
6
star
64

okta-devices-kotlin

okta-devices-kotlin
Kotlin
5
star
65

terraform-provider-oktapam

Terraform Provider for Okta PAM
Go
5
star
66

samples-java-micronaut

samples-java-micronaut
HTML
4
star
67

okta-oidc-tck

okta-oidc-tck
Groovy
4
star
68

okta-java-parent

okta-java-parent
Java
3
star
69

samples-js-angular-1

Angular 1 Samples
JavaScript
3
star
70

okta-utils-swift

okta-ios-logger
Swift
3
star
71

okta-commons-java

okta-commons-java
Java
3
star
72

okta-ui-configs

okta-ui-configs
JavaScript
2
star
73

okta-sdk-test-server

Okta SDK Test Server
JavaScript
2
star
74

okta-pki

Okta PKI Repository
2
star
75

okta-help

HTML
1
star
76

okta-sdk-abstractions-dotnet

Okta abstractions used by the SDKs
C#
1
star