Passwordless technology can be confusing... In our previous post, we took a deep dive into various passwordless solutions with the goal to understand how it all works. What exactly do you do if you want to go passwordless? You can do it yourself, but the development and proper implementation will require significant resource investment. Master FIDO2 / WebAuthn, secure JWT tokens, manage sessions, deal with token validation, OIDC flows - just to name a few areas that need to be considered for secure and scalable passwordless implementation. At we faced the same challenge, and we decided to simplify things with our JavaScript SDK. Our goal was simple - provide you with a seamless intuitive integration experience, yet give you the flexibility to implement the login flows that you need. With one SDK and simple configuration you get it all - , , or login experience. You choose what works best for your use case through simple developer portal settings. idemeum one-click WebAuthn QR-code idemeum JS SDK provides 4 methods to help you with your login needs: , , , . By leveraging these methods you can enable passwordless, secure, and private login for your single-page application. login logout userClaims isLoggedIn In this guide, we will go through the following steps to implement passwordless login with idemeum JavaScript SDK: Initialize idemeum SDK Manage authentication state with isLoggedIn Log the user in and out with and login logout Get and validate user claims with userClaims 1. Initialize idemeum JavaScript SDK Basic HTML setup Our application will display a simple log in button. Upon clicking the button, user will be authenticated by idemeum. After successful authentication idemeum will return ID and Access tokens to the application, and the user will be greeted. As a first step, let's set up a simple page that we will be using for our application. We will set up some very simple css styles in order to format how things are organized in our page. index.html idemeum JS SDK idemeum JS authentication sample Welcome to Application! Loading... <!DOCTYPE html> < > html < > head < = /> meta charset "UTF-8" < > title </ > title < = = = /> link rel "stylesheet" type "text/css" href "/src/styles.css" </ > head < > body < > h2 </ > h2 < > h4 </ > h4 < = > div id "initial" </ > div </ > body </ > html And our simple file. styles.css { : sans-serif; } { : center; : center; : ; : center; : ; : ; } /* our css style sheet that we save in styles.css and then import in out index page */ body font-family #initial align-self justify-self background-color #eee text-align width 300px padding 27px 18px Import idemeum JS SDK We can now import idemeum JavaScript SDK. For this guide, we will simply import the script from idemeum CDN. < = > script src "https://asset.idemeum.com/webapp/SDK/idemeum.js" </ > script Initialize idemeum SDK We can now initialize idemeum SDK instance. Do not forget to use your that you obtained from idemeum developer portal. clientId idemeum = IdemeumManager( (clientId = ) ); var new // 👇 Replace clientId with the the one you get from idemeum developer portal "00000000-0000-0000-0000-000000000000" 2. Manage user authentication state idemeum SDK helps you manage authentication state of the user, so that you can determine if the user is logged in or not, and then take actions depending on the outcome. idemeum returns Boolean value to identify the user authentication state. isLoggedIn In our application, we will follow the following logic. If the user is logged in, we will greet the user and display user claims. In case the user is not logged in, we will not show any content and will simply display the button. login As you can see in the code below, we are simply using method for button event. login onclick { idemeum.isLoggedIn().then( { renderUserClaims(); }, { html = ; .getElementById( ).innerHTML = html; } ); } ( ) function isUserLoggedIn // Process the user logged-in state. ( ) function data // Display user claims if the user is logged in ( ) function errorData // Display the login button if the user is NOT logged in `<button id="btn-login" onclick="login()">Log in</button>` document "initial" And we can trigger simply when the body of the document loads. isUserLoggedIn() < = > body onload "isUserLoggedIn()" 3. Log the user in When user clicks button, idemeum SDK will trigger the method. Let's define what will need to happen in our application. On success our application will receive ID and Access tokens from idemeum. We will need to process and validate those tokens. In case there is failure, we can process that as well in our code. Login login { idemeum.login({ : { renderUserClaims(); }, : { } }); } ( ) function login onSuccess ( ) function signinResponse // Your application will receive ID and Access tokens from idemeum // renderUserClaims() (defined below) validates the oidc token and fetches the user approved claims onError ( ) function errorResponse // If there is an error you can process it here 4. Get and validate user claims idemeum SDK returns ID and Access tokens upon successful user login. For token validation you can: Validate token yourself using any of the open source JWT token validation . libraries Use idemeum SDK that provides method to validate tokens. userClaims In our guide we will rely on idemeum SDKs to validate tokens and extract user identity claims. In the code below we will take user claims (first name, last name, and email), and we will display these claims when the user is logged in. { idemeum .userClaims() .then( { htmlStart = ; htmlProfile = + userClaimsResponse.given_name + + + userClaimsResponse.family_name + + + userClaimsResponse.email; htmlEnd = ; .getElementById( ).innerHTML = htmlStart + htmlProfile + htmlEnd; }) .catch( { }); } ( ) function renderUserClaims ( ) function userClaimsResponse //fetch user approved claims from OIDC token `<div> <p align="left">You are currently logged in.</p> <pre id="ipt-user-profile" align="left">User profile:<br>` "<b><h3 style='color:Tomato;'>First Name:" "</h3></b><br>" "<b><h3 style='color:Tomato;'>Last Name:" "</h3></b><br>" "<b><h3 style='color:Tomato;'>Email:" ` </pre> </div> <button id="btn-logout" onclick="idemeum.logout();isUserLoggedIn();">Log out</button>` document "initial" ( ) function errorResponse // If there is an error you can process it here We are done with our simple SPA application! Check the full working code example in CodeSandbox. Also published here. If you have any questions❓or suggestions, please, reach out to or ping us on . support@idemeum.com Slack
