ForgeRock Developer Experience

Step 4. Run a sample app

In the following procedure, you run the sample app that you configured in the previous step. The sample connects to your ForgeRock server and walks through the authentication journey you created in an earlier step.

After successful authentication, the sample obtains an OAuth 2.0 access token and displays the related user information.

To run the UI Sample

  1. In a terminal window, navigate to your forgerock-javascript-sdk project.

  2. To run the sample, enter the following:

    npm run start:embedded-login
  3. In a web browser:

    1. Ensure you are currently logged into the ForgeRock server instance.

      If you are logged into the AM instance in the browser, the sample will not work. Logout of the AM instance before you run the sample.
    2. Enter the DNS alias for your local machine:

      A form appears with "Username" and "Password" fields, as defined by the page node in the sdkUsernamePasswordJourney you created in a previous step:

      Running the app
    3. Authenticate as a non-administrative user, and click Sign In.

      Default login credentials:

      • "Username" - demo

      • "Password" - Ch4ng3it!

        If you see a "Success" message and the user info, authentication was successful:

        Successful OAuth 2.0 authentication
        To see the application calling the authorize and authenticate endpoints in AM, open the Network tab of your browser’s developer tools.
  4. (Optional) To verify that an OAuth 2.0 token was issued, use the same credentials as the previous step to log in to your AM instance directly.

    On the Dashboard tab, view the sdkPublicClient client in the Authorized Apps section, with issued scopes and expiry time:

    An Authorized Client Application in the AM Dashboard
  5. To revoke the OAuth 2.0 token, do one of the following:

    • In the custom UI sample application, click the Sign Out button.

      The application calls the endSession endpoint to revoke the OAuth 2.0 token, and returns to the sign-in form.

    • In the AM Dashboard, click the Revoke Access icon ().

      AM deletes the consent for the named client profile, causing future attempts to use or introspect issued OAuth 2.0 tokens to fail.



You have now used the ForgeRock JavaScript SDK to authenticate to a ForgeRock server instance.

You have seen how to obtain OAuth 2.0 tokens, view the related user information, and log a user out of the server.

Copyright © 2010-2024 ForgeRock, all rights reserved.