OIDC Authentication with WebJS SDK
Initialize the SDK
Initialize the Descope SDK with your project ID. You can find this ID on the project page of your Descope console.
Note
You can also add the optional baseUrl
parameter if you're utilizing a CNAME within your Descope project (ex: https://auth.company.com
).
Start OIDC Login
Use sdk.oidc.loginWithRedirect()
to initiate the OIDC login process:
loginWithRedirect
Parameters
You can pass any of the following parameters into the loginWithRedirect
function to provide additional info to the OIDC provider:
redirect_uri
: A custom URI that overrides the default redirect after login. This will default to being the current URL.login_hint
: A hint to Descope of the user identifier (e.g., email address). This will pre-fill theform.externalId
context key in the flow you're redirected to.
Handle the OIDC Redirect
After successful authentication, the user is redirected back to your application. Call sdk.finishLoginIfNeeded()
to complete the process:
Maintain Session
To ensure the session persists across your application, add this to all authenticated pages:
Session Validation
The final step of completing the authentication with Descope is to validate the user session. Descope provides rich session management capabilities, including configurable session timeouts and logout functions. You can find the details and sample code for client session validation here.
Congratulations
Now that you've got the authentication down, go focus on building out the rest of your app!
Checkpoint
Your application is now integrated with Descope. Please test with sign-up or sign-in use case.