Configure the SDK

The ForgeRock Login Widget requires information about the server instance it connects to, as well as OAuth 2.0 client configuration and other settings.

To provide these settings, import and use the configuration module and its set() method.

The ForgeRock Login Widget uses the same underlying configuration properties as the main SDK. Add your configuration under the forgerock property:

Example ForgeRock Login Widget configuration

// Import the modules
import Widget, { configuration } from '@forgerock/login-widget';

// Create a configuration instance
const myConfig = configuration();

// Set the configuration properties
myConfig.set({
  forgerock: {
    // Minimum required configuration:
    serverConfig: {
        baseUrl: 'https://openam-forgerock-sdks.forgeblocks.com/am/',
        timeout: 3000,
    },
    // Optional configuration:
    clientId: 'ForgeRockSDKClient', // The default is `WebLoginWidgetClient`
    realmPath: 'alpha',  // This is the default if not specified
    redirectUri: window.location.href,  // This is the default if not specified
    scope: 'openid profile', // This is the default if not specified
    },
  },
});

Set your ForgeRock Login Widget configuration at the top level of your application, such as its index.js or app.js file.

This ensures the ForgeRock Login Widget has the configuration needed to call out to the ForgeRock platform whenever and wherever you use its APIs in your app.

For example, you must set the configuration before starting a journey with journeyEvents.start() or calling either userEvents.get() or tokenEvents.get().

SDK configuration properties

The configuration properties available in both the SDK and the ForgeRock Login Widget are as follows:

Property Description

serverConfig

An interface for configuring how the SDK contacts the AM instance. Contains baseUrl and timeout.

serverConfig: {baseUrl}

The base URL of the AM instance to connect to, including the deployment path. For example, https://openam-forgerock-sdks.forgeblocks.com/am/.

serverConfig: {timeout}

An optional timeout, in milliseconds, for each request that communicates with AM. For example, for 30 seconds specify 30000. Defaults to 5000 (5 seconds).

realmPath

The realm or realm path in which the tree is configured. The default is the top-level realm root.

tree

The name of the tree to use.

clientId

The client_id of the OAuth 2.0 client profile to use.

redirectUri

The redirect_uri as listed in the OAuth 2.0 client profile.

scope

A space-separated list of scopes to request when performing an OAuth 2.0 authorization flow.

oauthThreshold

A threshold, in seconds, to refresh an OAuth 2.0 token before the access_token expires (defaults to 30 seconds).

tokenStore

The API to use for storing tokens on the client:

sessionStorage

Store tokens using the sessionStorage API. The browser clears session storage when a page session ends.

localStorage

Store tokens using the localStorage API. The browser saves local storage data across browser sessions. This is the default setting, as it provides the highest browser compatibility.

indexedDB

Store tokens using the indexedDB API. Storage of data using the indexedDB API depends on the browser used but is commonly persistent across browser sessions.

You cannot perform write operations using the IndexedDB API when Firefox is in private window mode.

Use one of the other token storage APIs to support this mode.

Next, you can Instantiate the widget.

ForgeRock SDKs

Configure the SDK

SDK configuration properties

Next