ForgeRock Developer Experience

Step 4. Configure the SDK

The ForgeRock Login Widget requires information about the server instance it connects to, as well as OAuth 2.0 client configuration and other settings.

To provide these settings, import and use the configuration module and its set() method.

The ForgeRock Login Widget uses the same underlying configuration properties as the main SDK. Add your configuration under the forgerock property:

Example ForgeRock Login Widget configuration
// Import the modules
import Widget, { configuration } from '@forgerock/login-widget';

// Create a configuration instance
const myConfig = configuration();

// Set the configuration properties
myConfig.set({
  forgerock: {
    // Minimum required configuration:
    serverConfig: {
      baseUrl: '',
      timeout: 3000,
    },
    // Optional configuration:
    clientId: 'sdkPublicClient', // The default is `WebLoginWidgetClient`
    realmPath: 'alpha', // This is the default if not specified
    redirectUri: window.location.href, // This is the default if not specified
    scope: 'openid profile email address phone', // The default is `openid profile` if not specified
  },
});

Set your ForgeRock Login Widget configuration at the top level of your application, such as its index.js or app.js file.

This ensures the ForgeRock Login Widget has the configuration needed to call out to the ForgeRock platform whenever and wherever you use its APIs in your app.

For example, you must set the configuration before starting a journey with journeyEvents.start() or calling either userEvents.get() or tokenEvents.get().

SDK configuration properties

The configuration properties available in both the SDK and the ForgeRock Login Widget are as follows:

ForgeRock SDK for JavaScript properties
Property Description


serverConfig

An interface for configuring how the SDK contacts the AM instance.

Contains baseUrl and timeout.

serverConfig: {baseUrl}

The base URL of the ForgeRock server to connect to, including port and deployment path.

Identity Cloud example:

Self-hosted example:

serverConfig: {timeout}

A timeout, in milliseconds, for each request that communicates with your ForgeRock server.

For example, for 30 seconds specify 30000.

Defaults to 5000 (5 seconds).


realmPath

The realm in which the OAuth 2.0 client profile and authentication journeys are configured.

For example, alpha.

Defaults to the self-hosted top-level realm root.


The name of the user authentication tree configured in your ForgeRock server.

For example, sdkUsernamePasswordJourney.


clientId

The client_id of the OAuth 2.0 client profile to use.


redirectUri

The redirect_uri as configured in the OAuth 2.0 client profile.

For example,


scope

A list of scopes to request when performing an OAuth 2.0 authorization flow, separated by spaces.

For example, openid profile email address phone.


A threshold, in seconds, to refresh an OAuth 2.0 token before the access_token expires.

Defaults to 30 seconds.


Specify whether the SDK should output its log messages in the console and the level of messages to display.

One of:

  • none (default)

  • info

  • warn

  • error

  • debug


Specify a function to override the default logging behavior.


The API to use for storing tokens on the client:


Store tokens using the sessionStorage API. The browser clears session storage when a page session ends.


Store tokens using the localStorage API. The browser saves local storage data across browser sessions. This is the default setting, as it provides the highest browser compatibility.
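A preflight check for the properties described above, run on the object before it is passed to set(). This is an added example, not ForgeRock code: checkWidgetConfig, the policy object, the 1000 ms floor for timeout, and the example.com URLs are assumptions.

```javascript
// Added example, not part of the SDK: `checkWidgetConfig` and `policy` are hypothetical.
function checkWidgetConfig(config, policy) {
  const fr = (config && config.forgerock) || {};
  const server = fr.serverConfig || {};
  const problems = [];

  // baseUrl is required: an absolute HTTPS URL of the server.
  let base = null;
  try { base = new URL(server.baseUrl); } catch (e) { /* empty or relative value */ }
  if (!base) problems.push('serverConfig.baseUrl is missing or not an absolute URL');
  else if (base.protocol !== 'https:') problems.push('serverConfig.baseUrl is not HTTPS');

  // timeout is in milliseconds; the 1000 floor is an assumed guard against passing seconds.
  if (server.timeout !== undefined &&
      !(Number.isInteger(server.timeout) && server.timeout >= 1000)) {
    problems.push('serverConfig.timeout should be whole milliseconds (>= 1000)');
  }

  // redirectUri must match the client profile; unset means the current page URL, so flag it too.
  if (!policy.registeredRedirectUris.includes(fr.redirectUri)) {
    problems.push('redirectUri is not one of the registered redirect URIs');
  }

  // scope is space-separated and defaults to `openid profile`; flag anything not approved.
  const requested = (fr.scope || 'openid profile').split(/\s+/).filter(Boolean);
  const extra = requested.filter((s) => !policy.allowedScopes.includes(s));
  if (extra.length) problems.push('scope requests unapproved values: ' + extra.join(' '));

  return problems;
}

// Constructed sample values; auth.example.com and app.example.com are placeholders.
const samplePolicy = {
  registeredRedirectUris: ['https://app.example.com/callback'],
  allowedScopes: ['openid', 'profile', 'email'],
};
const goodConfig = {
  forgerock: {
    serverConfig: { baseUrl: 'https://auth.example.com/am/', timeout: 3000 },
    redirectUri: 'https://app.example.com/callback',
    scope: 'openid profile email',
  },
};
const badConfig = {
  forgerock: {
    serverConfig: { baseUrl: '', timeout: 30 },
    redirectUri: 'https://app.example.com/page?id=7',
    scope: 'openid profile email address phone',
  },
};
```

Call checkWidgetConfig(config, policy) at the top level of the application and only call set() when it returns an empty array.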


Copyright © 2010-2023 ForgeRock, all rights reserved.