Run the sample
After successful authentication, the sample obtains an OAuth 2.0 access token and displays the related user information.
In Terminal, navigate to the
npm run start:embedded-login.
If you are in a web browser, and you are not actively logged into the AM instance, enter the DNS alias for your local machine, ensuring it matches the redirect URI setup set up previously.
If you are logged into the AM instance in the browser, the sample will not work. Logout of the AM instance before you run the sample.
Click the Custom UI button.
A form appears with "Username" and "Password" fields, as defined by the page node in the
sdkAuthenticationTreeyou created in a previous step:
Authenticate as a non-administrative user, and click Sign In.
Default login credentials:
If you see a "Success" message and the user info, authentication was successful:
To see the application calling the
authenticateendpoints in AM, open the Network tab of your browser’s developer tools.
(Optional) To verify that an OAuth 2.0 token was issued, use the same credentials as the previous step to log in to your AM instance directly.
On the Dashboard tab, view the
ForgeRockSDKClientclient in the Authorized Apps section, with issued scopes and expiry time:
To revoke the OAuth 2.0 token, do one of the following:
In the custom UI sample application, click the Sign Out button.
The application calls the
endSessionendpoint to revoke the OAuth 2.0 token, and returns to the sign-in form.
In the AM Dashboard, click the Revoke Access icon ().
AM deletes the consent for the named client profile, causing future attempts to use or introspect issued OAuth 2.0 tokens to fail.
You have seen how to obtain OAuth 2.0 tokens, view the related user information, and log a user out of AM.