ForgeRock Developer Experience

Step 5. Run the sample

In the following procedure, you run the custom UI sample from the ForgeRock JavaScript SDK. The sample connects to AM and walks through the authentication tree you created in a previous step.

After successful authentication, the sample obtains an OAuth 2.0 access token and displays the related user information.

To run the UI Sample

  1. In Terminal, navigate to the forgerock-javascript-sdk project created in a previous step.

  2. Type: npm run start:embedded-login.

  3. If you are in a web browser, and you are not actively logged into the AM instance, enter the DNS alias for your local machine, ensuring it matches the redirect URI setup set up previously.

    If you are logged into the AM instance in the browser, the sample will not work. Logout of the AM instance before you run the sample.
  4. Click the Custom UI button.

    A form appears with "Username" and "Password" fields, as defined by the page node in the sdkUsernamePasswordJourney you created in a previous step:

    Running the app
  5. Authenticate as a non-administrative user, and click Sign In.

    Default login credentials:

    • "Username" - demo

    • "Password" - Ch4ng3it!

  6. If you see a "Success" message and the user info, authentication was successful:

    Successful OAuth 2.0 authentication
    To see the application calling the authorize and authenticate endpoints in AM, open the Network tab of your browser’s developer tools.
  7. (Optional) To verify that an OAuth 2.0 token was issued, use the same credentials as the previous step to log in to your AM instance directly.

    On the Dashboard tab, view the sdkPublicClient client in the Authorized Apps section, with issued scopes and expiry time:

    An Authorized Client Application in the AM Dashboard
  8. To revoke the OAuth 2.0 token, do one of the following:

    • In the custom UI sample application, click the Sign Out button.

      The application calls the endSession endpoint to revoke the OAuth 2.0 token, and returns to the sign-in form.

    • In the AM Dashboard, click the Revoke Access icon ().

      AM deletes the consent for the named client profile, causing future attempts to use or introspect issued OAuth 2.0 tokens to fail.



You have now used the ForgeRock JavaScript SDK to authenticate to AM using a custom UI.

You have seen how to obtain OAuth 2.0 tokens, view the related user information, and log a user out of AM.

Copyright © 2010-2023 ForgeRock, all rights reserved.