OAuth 2.0 SSO Demo
Documentation
Description
This project is a demo of an OAuth 2.0 implementation with OpenID Connect in Mendix where the client, resource and authorization servers are completely separated. The project contains a ViewApp and an InvoiceAPI module. The ViewApp calls the InvoiceAPI REST endpoints to view and create invoices.
Auth0 is used to log in to the Mendix app with Facebook or Google accounts. The API validates the token received during login and uses it to authorize the user. Permissions are managed in Auth0.
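An added example, not code from this project or the JWT module: a Python sketch of the checks an API such as InvoiceAPI runs on an incoming access token before serving a request. It assumes HS256 with a shared secret so that it runs on the standard library (an API configured for RS256 would verify against the tenant's published keys instead), a `permissions` array claim in the access token, and hypothetical issuer, audience and permission names.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values (assumptions, not taken from the project).
SECRET = b"constructed-demo-secret"
ISSUER = "https://example-tenant.auth0.com/"
AUDIENCE = "https://invoice-api.example/"

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign_hs256(claims, secret):
    """Build a constructed test token; stands in for the authorization server."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def authorize(token, secret, issuer, audience, permission, now=None):
    """Return (allowed, reason) for one API call; every failure path denies."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, sig = json.loads(b64d(head_b64)), b64d(sig_b64)
    except ValueError:
        return False, "malformed token"
    # Pin the algorithm server-side; the token header must not choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False, "unexpected alg"
    signed = f"{head_b64}.{body_b64}".encode()
    expected = hmac.new(secret, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature"
    claims = json.loads(b64d(body_b64))  # trusted only after the signature check
    if claims.get("iss") != issuer:
        return False, "wrong issuer"
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        return False, "wrong audience"  # token was minted for a different API
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return False, "expired"
    if permission not in claims.get("permissions", []):
        return False, "missing permission"
    return True, "ok"
```

A user who has logged in but has not yet been granted permissions holds a correctly signed token and is still denied at the last check.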
Typical usage scenario
Use Single Sign-on (SSO) in your Mendix applications to allow users to use the same credentials in multiple apps and manage authorization centrally.
Dependencies
- JWT module in the Mendix App Store
- Passay 1.4.0 for random password generation upon User creation
Installation
Run the project locally. By default, the user will not have permissions to read or create invoices. If you need permissions, the publisher of this app can assign them to your user after your first login. Alternatively, you can create your own Auth0 domain (free for developer purposes) and set the appropriate constants in the Auth0 module (domain, client ID and client secret). You also need to configure Auth0 with the appropriate keys, scopes, and allowed callback and logout URLs. If you need help, please ask the publisher.