- The final OpenID Connect desktop code sample
- The goal is to implement OpenID Connect desktop logins with best usability and reliability
The desktop app is a simple UI with some basic navigation between views, to render fictional resources.
The data is returned from an API that authorizes access to resources using claims from multiple sources.
First ensure that Node.js 20+ is installed.
Then build the app via this command, which will build the renderer side of the app in watch mode:
./build.sh
Next run the app, to test the OpenID Connect desktop flow:
./run.sh
A login is triggered in the system browser, so that the app cannot access the user's credentials.
A private URI scheme callback URL of x-authsamples-desktopapp:/callback
is used to receive the login response:
You can login to the desktop app using my AWS Cognito test account:
- User: guestuser@example.com
- Password: GuestPassword1
You can then test all lifecycle operations, including token refresh, expiry events and logout.
Then package a platform-specific executable and test the release build behavior:
./pack.sh
- See the API Journey - Client Side for further information on the app's behaviour
- Further details specific to the desktop app are provided, starting in the Final Desktop Sample Overview
- Electron, TypeScript and React are used to implement the Cross Platform Desktop App
- The AppAuth-JS library is used to implement the Authorization Code Flow (PKCE)
- AWS Serverless or Kubernetes is used to host remote API endpoints used by the app
- AWS Cognito is used as the default Authorization Server for the UI and API