Introduction

WeWeb allows you to build web applications quickly and efficiently. This guide will help you integrate Descope's authentication solutions into your WeWeb projects, allowing you to focus on creating without worrying about complex authentication systems.

Getting Started with WeWeb

The easiest way to integrate Descope with WeWeb is to use our default OIDC Application and WeWeb's built-in OIDC authentication plugin.

Configure WeWeb for OIDC

  1. Navigate to the Auth section in your WeWeb dashboard, in the menu bar on the top of the screen, and select OIDC.
Adding OIDC WeWeb plugin.

  1. Configure the plugin for OIDC by entering the client ID, secret, and other details provided by Descope. You'll need the following items:
  • Client ID - Descope Project ID which you can find under Project Settings
  • Client Secret - Descope Access Key, which you can create under Access Keys
OIDC configuration in WeWeb.

You can read more specific instructions on how to configure OIDC on the WeWeb documentation page

Continue reading to learn how to handle redirection and user sessions, along with user and role management.

Handling Redirects and User/Role Management

  1. WeWeb can be configured to redirect to your login page automatically. Your login page can then restart the OIDC process and redirect to our hosted page. You can do this by selecting the options in this section below:
OIDC redirect option configuration.

  1. Next, you'll need to configure WeWeb to recognize the roles that are passed back from Descope in the JWT tokens:
OIDC roles configuration.

If you're using specific roles associated with specific Tenants, then Role Management with the native OIDC plugin will not work. In this case you'll need to integrate Descope manually with our WebJS SDK and Web Component.

Protecting Pages

The final step you'll need to do to integrate Descope with WeWeb, is to protect specific pages on your site from being accessed by non-authenticated users.

To manage this access, you can define who has access to every specific page with the Private Access option in the WeWeb page editor screen:

Private access screen.

If you have any questions on any of the steps mentioned above, you can refer to the WeWork documentation page for more clarity on these features.

Embed Authentication on Your Site

When using OIDC, you will be default be using our Auth Hosting application that will host and run your flows. You can choose to also embed your flow using our WebJS SDK in your website directly and redirect to it by changing the Flow Hosting URL under OIDC Applications.

If you want to embed the web component and SDK directly in your application, follow our general instructions on how to do so here

If you have any other questions about Descope or how to integrate with WeWeb, feel reach to reach out to us!