DEV Community: Yevheniia The latest articles on DEV Community by Yevheniia (@yevheniia_br). https://dev.to/yevheniia_br https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1633676%2F9df72e61-ccc2-4c58-b140-5eb93bc17795.jpg DEV Community: Yevheniia https://dev.to/yevheniia_br en πŸš€ Deploying an API to AWS Using a Serverless Architecture (Node.js, SAM, and Lambda) Yevheniia Sun, 24 Aug 2025 10:10:48 +0000 https://dev.to/yevheniia_br/deploy-a-nodejs-express-api-to-aws-with-sam-lambda-and-api-gateway-in-minutes-zero-servers-3fdk https://dev.to/yevheniia_br/deploy-a-nodejs-express-api-to-aws-with-sam-lambda-and-api-gateway-in-minutes-zero-servers-3fdk <p>To get a simple backend live quickly, serverless is the way to go. Instead of provisioning and managing servers, we can wrap our Express app, run it inside <a href="https://aws.amazon.com/en/lambda/" rel="noopener noreferrer">AWS Lambda</a>, and expose it through <a href="https://aws.amazon.com/en/api-gateway/" rel="noopener noreferrer">API Gateway</a>.</p> <p>In this guide, we’ll learn how to deploy a minimal Express API to AWS in a minutes ⏱️ using <a href="https://aws.amazon.com/en/serverless/sam/" rel="noopener noreferrer">AWS SAM</a> (Serverless Application Model). </p> <p><strong>The best part? No need to manage any servers infra - AWS will do it for us.</strong></p> <p>πŸ“‹<strong>Prerequisites and Setup</strong></p> <p>Before starting, ensure you have the following tools installed and configured:</p> <p>1️⃣ Node.js 18.x+ and npm - Download from <a href="https://nodejs.org/en" rel="noopener noreferrer">nodejs.org</a></p> <p>2️⃣ AWS CLI - <a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html" rel="noopener noreferrer">Install</a> and run <code>aws configure</code> with your AWS credentials</p> <p>3️⃣ AWS SAM CLI - Install from <code>github.com/aws/aws-sam-cli</code> or use <code>brew install aws-sam-cli</code> on macOS</p> <p>4️⃣ Active AWS account with Lambda/API Gateway permissions (first 1M requests/month are free)</p> <p>5️⃣ Verify setup by running:<code>aws sts get-caller-identity</code> and <code>sam --version</code></p> <p>πŸ“‚ <strong>Basic project structure</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>express-sample-api/ β”œβ”€β”€ api/ β”‚ β”œβ”€β”€ controllers/ β”‚ └── services/ β”‚ └── middlewares/ β”‚ └── routes/ β”‚ β”œβ”€β”€ app.ts β”œβ”€β”€ handler.ts # entry point for Lambda β”œβ”€β”€ package.json β”œβ”€β”€ template.yml # AWS SAM template (Lambda + API Gateway) └── samconfig.toml # Deployment config (stack name, region, etc.) </code></pre> </div> <p>πŸ”Œ<strong>Wrapping Express with serverless-http</strong></p> <p>The bridge between Express and AWS Lambda is <a href="https://www.npmjs.com/package/serverless-http" rel="noopener noreferrer">serverless-http</a> </p> <p>It converts incoming API Gateway events into Express-compatible requests. With this, we can run Express just like on a server β€” but serverlessly. <br> For that:</p> <p>1️⃣ Run <code>npm i serverless-http</code> </p> <p>2️⃣ Inside handler.ts add:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">serverless</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">serverless-http</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">app</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./app</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">NODE_ENV</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">event</span><span class="p">,</span> <span class="nx">context</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`App running in AWS Lambda. Environment: </span><span class="p">${</span><span class="nx">NODE_ENV</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">lambdaHandler</span> <span class="o">=</span> <span class="nf">serverless</span><span class="p">(</span><span class="nx">app</span><span class="p">);</span> <span class="k">return</span> <span class="nf">lambdaHandler</span><span class="p">(</span><span class="nx">event</span><span class="p">,</span> <span class="nx">context</span><span class="p">);</span> <span class="p">};</span> </code></pre> </div> <p>3️⃣ Basic app.ts (CORS, Auth and other logic is not the subject of this article, but still a little reminder - <strong>please DON'T forget</strong> to setup it for real API. You can find the detailed guide in my other <a href="https://dev.to/yevheniia_br/secure-your-expressjs-api-with-okta-in-minutes-68j">article</a>)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">apiRoutes</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./routes/index</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">PORT</span><span class="p">,</span> <span class="nx">NODE_ENV</span><span class="p">,</span> <span class="nx">LAMBDA_TASK_ROOT</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">runningOnLambda</span> <span class="o">=</span> <span class="o">!!</span><span class="nx">LAMBDA_TASK_ROOT</span><span class="p">;</span> <span class="c1">//this variable is AWS default, no need for manual setup</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api</span><span class="dl">"</span><span class="p">,</span> <span class="nx">apiRoutes</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">runningOnLambda</span><span class="p">)</span> <span class="p">{</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">PORT</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span> <span class="s2">`Local server running on http://localhost:</span><span class="p">${</span><span class="nx">PORT</span><span class="p">}</span><span class="s2">. Environment:</span><span class="p">${</span><span class="nx">NODE_ENV</span><span class="p">}</span><span class="s2">`</span> <span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">app</span><span class="p">;</span> </code></pre> </div> <p>πŸ—οΈ <strong>Infrastructure with AWS SAM</strong></p> <p>With AWS SAM, we define IaC (Infra as code) in template.yml:<br> 1️⃣ Define format version and environment variables:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">AWSTemplateFormatVersion</span><span class="pi">:</span> <span class="s1">'</span><span class="s">2010-09-09'</span> <span class="na">Transform</span><span class="pi">:</span> <span class="s">AWS::Serverless-2016-10-31</span> <span class="na">Parameters</span><span class="pi">:</span> <span class="na">Environment</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">String</span> <span class="na">Default</span><span class="pi">:</span> <span class="s">test</span> <span class="na">AllowedValues</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">development</span> <span class="pi">-</span> <span class="s">production</span> <span class="pi">-</span> <span class="s">test</span> <span class="na">DefaultAwsRegion</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">String</span> <span class="na">Default</span><span class="pi">:</span> <span class="s">eu-west-1</span> <span class="c1">#your AWS region (e.g. us-east-1)</span> <span class="na">Globals</span><span class="pi">:</span> <span class="na">Function</span><span class="pi">:</span> <span class="na">Runtime</span><span class="pi">:</span> <span class="s">nodejs18.x</span> <span class="na">Environment</span><span class="pi">:</span> <span class="na">Variables</span><span class="pi">:</span> <span class="na">NODE_ENV</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">Environment</span> <span class="c1">#that's how we map values from samconfig.toml to app level environment variable names</span> <span class="na">DEFAULT_AWS_REGION</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DefaultAwsRegion</span> </code></pre> </div> <p>2️⃣ REST API Gateway that forwards requests to the Lambda:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">ExpressSampleGateway</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Api</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Name</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s2">"</span><span class="s">ExpressSampleGateway_${Environment}"</span> <span class="na">StageName</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">Environment</span> <span class="na">Cors</span><span class="pi">:</span> <span class="na">AllowMethods</span><span class="pi">:</span> <span class="s2">"</span><span class="s">'GET,POST,OPTIONS,PUT,HEAD,PATCH,DELETE'"</span> <span class="na">AllowHeaders</span><span class="pi">:</span> <span class="s2">"</span><span class="s">'Content-Type,Authorization'"</span> <span class="na">AllowOrigin</span><span class="pi">:</span> <span class="s2">"</span><span class="s">'*'"</span> <span class="c1">#CORS config should be specified here or on the app level, note that the star is used here because CORS is controlled on app level in my case</span> </code></pre> </div> <p>3️⃣ A Lambda function IAM role:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">ExpressSampleLambdaRole</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::IAM::Role</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">RoleName</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s2">"</span><span class="s">ExpressSampleLambdaRole_${Environment}"</span> <span class="na">AssumeRolePolicyDocument</span><span class="pi">:</span> <span class="na">Version</span><span class="pi">:</span> <span class="s2">"</span><span class="s">2012-10-17"</span> <span class="na">Statement</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Effect</span><span class="pi">:</span> <span class="s">Allow</span> <span class="na">Principal</span><span class="pi">:</span> <span class="na">Service</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">lambda.amazonaws.com</span> <span class="na">Action</span><span class="pi">:</span> <span class="s">sts:AssumeRole</span> <span class="na">ManagedPolicyArns</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole</span> <span class="c1">#Here we attached minimum required role which is AWS managed, but in case your app need access to other AWS services (e.g. DB, S3, Secrets Manager) - you have to explicitely specify them in another policy.</span> </code></pre> </div> <p>4️⃣ A Lambda function that uses handler.handler as the entry point:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">ExpressSampleLambda</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">FunctionName</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s2">"</span><span class="s">ExpressSampleLambda_${Environment}"</span> <span class="na">CodeUri</span><span class="pi">:</span> <span class="s">dist/</span> <span class="c1">#after build command all the files will be inside dist folder (relevant only for TS, while for JS pass just dot - '.')</span> <span class="na">Role</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">ExpressSampleLambdaRole.Arn</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="c1">#our entry file/method</span> <span class="na">Timeout</span><span class="pi">:</span> <span class="m">180</span> <span class="c1">#3 min max execution time, while max allowed value might be up to 15 min</span> <span class="na">MemorySize</span><span class="pi">:</span> <span class="m">512</span> <span class="c1">#MB RAM</span> <span class="na">Events</span><span class="pi">:</span> <span class="na">ApiEvent</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">Api</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">RestApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">ExpressSampleGateway</span> <span class="c1">#Here we attach our API gateway as a trigger to Lambda</span> <span class="na">Path</span><span class="pi">:</span> <span class="s">/{proxy+}</span> <span class="na">Method</span><span class="pi">:</span> <span class="s">ANY</span> <span class="c1">#here we can limit it only to GET or POST methods if needed</span> <span class="na">Stage</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">Environment</span> </code></pre> </div> <p>5️⃣ Outputs that print the API URL once deployed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">Outputs</span><span class="pi">:</span> <span class="na">ApiEndpoint</span><span class="pi">:</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">API Gateway endpoint URL</span> <span class="na">Value</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s">https://${ExpressSampleGateway}.execute-api.${AWS::Region}.amazonaws.com/${Environment}/</span> </code></pre> </div> <p>SAM then expands this into <a href="https://aws.amazon.com/en/cloudformation/" rel="noopener noreferrer">CloudFormation</a> under the hood β€” no console clicking, everything is automated.</p> <p><strong>FYI - all that can be done in AWS Console (UI) as well</strong></p> <p><strong>βš™οΈ Deployment configuration</strong></p> <p>The samconfig.toml file holds our deployment settings so we don’t have to re-enter them every time:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight toml"><code><span class="py">version</span> <span class="p">=</span> <span class="mf">0.1</span> <span class="nn">[default.build.parameters]</span> <span class="py">cached</span> <span class="p">=</span> <span class="kc">true</span> <span class="py">parallel</span> <span class="p">=</span> <span class="kc">true</span> <span class="nn">[test]</span> <span class="nn">[test.deploy]</span> <span class="nn">[test.deploy.parameters]</span> <span class="py">stack_name</span> <span class="p">=</span> <span class="s">"express-serverless-sample-test"</span> <span class="py">resolve_s3</span> <span class="p">=</span> <span class="kc">true</span> <span class="py">s3_prefix</span> <span class="p">=</span> <span class="s">"express-serverless-sample-test"</span> <span class="py">region</span> <span class="p">=</span> <span class="s">"eu-west-1"</span> <span class="py">confirm_changeset</span> <span class="p">=</span> <span class="kc">false</span> <span class="py">capabilities</span> <span class="p">=</span> <span class="s">"CAPABILITY_NAMED_IAM"</span> <span class="py">parameter_overrides</span> <span class="p">=</span> <span class="py">"Environment</span><span class="p">=</span><span class="se">\"</span><span class="err">test</span><span class="se">\"</span> <span class="py">DefaultAwsRegion</span><span class="p">=</span><span class="se">\"</span><span class="err">eu-west</span><span class="mi">-1</span><span class="se">\"</span><span class="s">" #here we specify the values for our environment variables</span><span class="err"> </span><span class="py">image_repositories</span> <span class="p">=</span> <span class="p">[]</span> <span class="py">disable_rollback</span> <span class="p">=</span> <span class="kc">false</span> <span class="nn">[prod]</span> <span class="nn">[prod.deploy]</span> <span class="nn">[prod.deploy.parameters]</span> <span class="py">stack_name</span> <span class="p">=</span> <span class="s">"express-serverless-sample-prod"</span> <span class="py">resolve_s3</span> <span class="p">=</span> <span class="kc">true</span> <span class="py">s3_prefix</span> <span class="p">=</span> <span class="s">"express-serverless-sample-prod"</span> <span class="py">region</span> <span class="p">=</span> <span class="s">"eu-west-1"</span> <span class="py">confirm_changeset</span> <span class="p">=</span> <span class="kc">false</span> <span class="py">capabilities</span> <span class="p">=</span> <span class="s">"CAPABILITY_NAMED_IAM"</span> <span class="py">parameter_overrides</span> <span class="p">=</span> <span class="py">"Environment</span><span class="p">=</span><span class="se">\"</span><span class="err">production</span><span class="se">\"</span> <span class="py">DefaultAwsRegion</span><span class="p">=</span><span class="se">\"</span><span class="err">eu-west</span><span class="mi">-1</span><span class="se">\"</span><span class="s">" #here we specify the values for our environment variables</span><span class="err"> </span><span class="py">image_repositories</span> <span class="p">=</span> <span class="p">[]</span> <span class="py">disable_rollback</span> <span class="p">=</span> <span class="kc">false</span> </code></pre> </div> <p>πŸš€ <strong>Build &amp; deploy</strong></p> <p>Deploying is just 3 steps:</p> <ol> <li> <code>npm run build</code> - optional, needed only in case you use TS</li> <li> <code>sam build</code>πŸ› οΈ</li> <li> <code>sam deploy --config-env test</code> (e.g. prod - for production) πŸ“€</li> </ol> <p>When it’s done, you’ll see the API URL in the terminal - outputs section. Test it immediately with curl, Postman, or browser 🌐.</p> <p>πŸ” <strong>Verify in the AWS Console</strong></p> <p>After deployment, confirm everything works:</p> <p>1️⃣ API Gateway β†’ APIs β†’ ExpressSampleGateway_test</p> <p>Go to the Stages tab β†’ test.</p> <p>Copy the Invoke URL πŸ”—</p> <p>2️⃣ Lambda β†’ Functions β†’ ExpressSampleLambda_test</p> <p>Open the Monitor tab πŸ“Š</p> <p>Check for recent invocations</p> <p>For logs and debugging, head over to AWS CloudWatch Logs πŸ“œ.</p> <p><strong>Got questions? Drop them in the comments!</strong></p> πŸ” Managed Secure Authentication for Server-Side Applications (Node.js & Okta Example) Yevheniia Sun, 08 Jun 2025 16:54:04 +0000 https://dev.to/yevheniia_br/secure-your-expressjs-api-with-okta-in-minutes-68j https://dev.to/yevheniia_br/secure-your-expressjs-api-with-okta-in-minutes-68j <p>In this guide, we’ll integrate Okta authentication into an Express.js app using OAuth 2.0 and OIDC standards. We’ll verify JWTs, fetch public keys dynamically, and use robust middleware to protect our API β€” all in a modular, scalable way. If you’ve followed my <a href="https://dev.to/yevheniia_br/angular-authentication-with-okta-secure-your-app-in-minutes-3p41">Angular + Okta article</a>, this backend piece completes the picture.</p> <p>πŸ“¦ Prerequisites</p> <p>Okta Developer account with an app set up (<a href="https://dev.to/yevheniia_br/securing-api-access-with-oauth-20-and-openid-connect-using-okta-48ol">here</a> you can find the guide)<br> Node.js + Express.js basic app<br> npm i jsonwebtoken<br> npm i axios</p> <p>🧩 Okta Config</p> <p>Create okta.config.ts to centralize your Okta metadata:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">OktaConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="na">issuer</span><span class="p">:</span> <span class="dl">"</span><span class="s2">https://dev-your_acc_id.okta.com/oauth2/default</span><span class="dl">"</span><span class="p">,</span> <span class="na">audience</span><span class="p">:</span> <span class="dl">"</span><span class="s2">your_audience</span><span class="dl">"</span><span class="p">,</span> <span class="kd">get</span> <span class="nf">jwksUri</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">$</span><span class="p">{</span><span class="k">this</span><span class="p">.</span><span class="nx">issuer</span><span class="p">}</span><span class="sr">/v1/</span><span class="nx">keys</span><span class="p">;</span> <span class="p">},</span> <span class="p">};</span> </code></pre> </div> <p>🌐 HTTP Request Service<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">axios</span><span class="p">,</span> <span class="p">{</span> <span class="nx">AxiosRequestConfig</span><span class="p">,</span> <span class="nx">AxiosResponse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">axios</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CRUDHttpMethods</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../enums/crud.enum</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">logger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../../utils/logger</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">HttpRequestService</span> <span class="p">{</span> <span class="k">static</span> <span class="k">async</span> <span class="nf">executeHttp</span><span class="p">(</span> <span class="nx">method</span><span class="p">:</span> <span class="nx">CRUDHttpMethods</span><span class="p">,</span> <span class="nx">url</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">params</span><span class="p">:</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nx">unknown</span><span class="o">&gt;</span> <span class="o">=</span> <span class="p">{},</span> <span class="nx">headers</span><span class="p">:</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="kr">any</span><span class="o">&gt;</span> <span class="o">=</span> <span class="p">{},</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="na">config</span><span class="p">:</span> <span class="nx">AxiosRequestConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">url</span><span class="p">,</span> <span class="nx">method</span><span class="p">,</span> <span class="na">responseType</span><span class="p">:</span> <span class="dl">"</span><span class="s2">json</span><span class="dl">"</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="mi">240000</span><span class="p">,</span> <span class="nx">headers</span><span class="p">,</span> <span class="p">...(</span><span class="nx">method</span> <span class="o">===</span> <span class="nx">CRUDHttpMethods</span><span class="p">.</span><span class="nx">GET</span> <span class="p">?</span> <span class="p">{</span> <span class="nx">params</span> <span class="p">}</span> <span class="p">:</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="nx">params</span> <span class="p">})</span> <span class="p">};</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="na">response</span><span class="p">:</span> <span class="nx">AxiosResponse</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">axios</span><span class="p">(</span><span class="nx">config</span><span class="p">);</span> <span class="nf">logger</span><span class="p">(</span><span class="dl">"</span><span class="s2">info</span><span class="dl">"</span><span class="p">,</span> <span class="s2">`</span><span class="p">${</span><span class="nx">method</span><span class="p">}</span><span class="s2"> request to </span><span class="p">${</span><span class="nx">url</span><span class="p">}</span><span class="s2"> succeeded`</span><span class="p">,</span> <span class="dl">"</span><span class="s2">HttpRequestService:executeHttp</span><span class="dl">"</span><span class="p">);</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nx">data</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nf">logger</span><span class="p">(</span><span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="s2">`Failed </span><span class="p">${</span><span class="nx">method</span><span class="p">}</span><span class="s2"> to </span><span class="p">${</span><span class="nx">url</span><span class="p">}</span><span class="s2">: </span><span class="p">${</span><span class="nx">err</span><span class="p">?.</span><span class="nx">message</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="dl">"</span><span class="s2">HttpRequestService:executeHttp</span><span class="dl">"</span><span class="p">);</span> <span class="k">throw</span> <span class="nx">err</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>πŸ” JWT Validation Service</p> <p>Here’s the token validator that fetches public keys from Okta and verifies tokens securely.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">jwt</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">jsonwebtoken</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">HttpRequestService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./http-request.service</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CRUDHttpMethods</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../enums/crud.enum</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaConfig</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../config/okta</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">issuer</span><span class="p">,</span> <span class="nx">audience</span><span class="p">,</span> <span class="nx">jwksUri</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">OktaConfig</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">JwtService</span> <span class="p">{</span> <span class="k">static</span> <span class="k">async</span> <span class="nf">validateToken</span><span class="p">(</span><span class="nx">token</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">tokenParts</span> <span class="o">=</span> <span class="nx">token</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">.</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">header</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nf">atob</span><span class="p">(</span><span class="nx">tokenParts</span><span class="p">[</span><span class="mi">0</span><span class="p">]));</span> <span class="kd">const</span> <span class="nx">kid</span> <span class="o">=</span> <span class="nx">header</span><span class="p">.</span><span class="nx">kid</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">key</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">JwtService</span><span class="p">.</span><span class="nf">getSigningKey</span><span class="p">(</span><span class="nx">kid</span><span class="p">);</span> <span class="k">try</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">jwt</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">token</span><span class="p">,</span> <span class="nx">key</span><span class="p">,</span> <span class="p">{</span> <span class="na">audience</span><span class="p">:</span> <span class="nx">audience</span><span class="p">,</span> <span class="na">issuer</span><span class="p">:</span> <span class="nx">issuer</span><span class="p">,</span> <span class="na">algorithms</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">RS256</span><span class="dl">"</span><span class="p">],</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="nx">error</span><span class="p">?.</span><span class="nx">message</span> <span class="o">||</span> <span class="dl">'</span><span class="s1">Okta token verification error</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">private</span> <span class="k">static</span> <span class="k">async</span> <span class="nf">getSigningKey</span><span class="p">(</span><span class="nx">kid</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">string</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">HttpRequestService</span><span class="p">.</span><span class="nf">executeHttp</span><span class="p">(</span> <span class="nx">CRUDHttpMethods</span><span class="p">.</span><span class="nx">GET</span><span class="p">,</span> <span class="nx">jwksUri</span> <span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">data</span><span class="p">.</span><span class="nx">keys</span> <span class="o">||</span> <span class="nx">data</span><span class="p">.</span><span class="nx">keys</span><span class="p">.</span><span class="nx">length</span> <span class="o">===</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">No Okta signing keys found in JWKS.</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">key</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">keys</span><span class="p">.</span><span class="nf">find</span><span class="p">((</span><span class="nx">k</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">k</span><span class="p">.</span><span class="nx">kid</span> <span class="o">===</span> <span class="nx">kid</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">key</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span> <span class="dl">"</span><span class="s2">No matching Okta signing key found based on provided token</span><span class="dl">"</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">signingKey</span> <span class="o">=</span> <span class="nx">JwtService</span><span class="p">.</span><span class="nf">generatePemKey</span><span class="p">(</span><span class="nx">key</span><span class="p">.</span><span class="nx">n</span><span class="p">,</span> <span class="nx">key</span><span class="p">.</span><span class="nx">e</span><span class="p">);</span> <span class="k">return</span> <span class="nx">signingKey</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">errorMessage</span> <span class="o">=</span> <span class="s2">`An error has occured during retrieving signing key from Okta API. Message: </span><span class="p">${</span><span class="nx">error</span><span class="p">?.</span><span class="nx">response</span><span class="p">?.</span><span class="nx">data</span><span class="p">?.</span><span class="nx">errorSummary</span> <span class="o">||</span> <span class="nx">error</span><span class="p">?.</span><span class="nx">message</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">seems like Okta API is unavailable.</span><span class="dl">"</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="nx">errorMessage</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">private</span> <span class="k">static</span> <span class="nf">generatePemKey</span><span class="p">(</span><span class="nx">n</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">e</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="kr">string</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">modulus</span> <span class="o">=</span> <span class="nx">Buffer</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="nx">n</span><span class="p">,</span> <span class="dl">"</span><span class="s2">base64</span><span class="dl">"</span><span class="p">).</span><span class="nf">toString</span><span class="p">(</span><span class="dl">"</span><span class="s2">hex</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">exponent</span> <span class="o">=</span> <span class="nx">Buffer</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="nx">e</span><span class="p">,</span> <span class="dl">"</span><span class="s2">base64</span><span class="dl">"</span><span class="p">).</span><span class="nf">toString</span><span class="p">(</span><span class="dl">"</span><span class="s2">hex</span><span class="dl">"</span><span class="p">);</span> <span class="k">return </span><span class="p">(</span> <span class="s2">`-----BEGIN RSA PUBLIC KEY-----\n`</span> <span class="o">+</span> <span class="nx">Buffer</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="s2">`3082010a0282010100</span><span class="p">${</span><span class="nx">modulus</span><span class="p">}</span><span class="s2">0203</span><span class="p">${</span><span class="nx">exponent</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="dl">"</span><span class="s2">hex</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">toString</span><span class="p">(</span><span class="dl">"</span><span class="s2">base64</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">match</span><span class="p">(</span><span class="sr">/.</span><span class="se">{1,64}</span><span class="sr">/g</span><span class="p">)</span> <span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">"</span><span class="se">\n</span><span class="dl">"</span><span class="p">)</span> <span class="o">+</span> <span class="s2">`\n-----END RSA PUBLIC KEY-----`</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>🧱 Authentication Middleware<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Request</span><span class="p">,</span> <span class="nx">Response</span><span class="p">,</span> <span class="nx">NextFunction</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">JwtService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../services/jwt-validation.service</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">HttpStatus</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../enums/http-status.enum</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">httpResponseFailed</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../helpers/api-response.helper</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">AuthMiddleware</span> <span class="p">{</span> <span class="k">static</span> <span class="k">async</span> <span class="nf">validateToken</span><span class="p">(</span> <span class="nx">req</span><span class="p">:</span> <span class="nx">Request</span><span class="p">,</span> <span class="nx">res</span><span class="p">:</span> <span class="nx">Response</span><span class="p">,</span> <span class="nx">next</span><span class="p">:</span> <span class="nx">NextFunction</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">authHeader</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">"</span><span class="s2">authorization</span><span class="dl">"</span><span class="p">]</span> <span class="o">||</span> <span class="nx">req</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">"</span><span class="s2">Authorization</span><span class="dl">"</span><span class="p">];</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">authHeader</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span> <span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">UNAUTHIRIZED</span><span class="p">)</span> <span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nf">httpResponseFailed</span><span class="p">(</span><span class="dl">"</span><span class="s2">Missing token</span><span class="dl">"</span><span class="p">));</span> <span class="p">}</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="p">(</span><span class="nx">authHeader</span> <span class="k">as</span> <span class="kr">string</span><span class="p">).</span><span class="nf">replace</span><span class="p">(</span><span class="sr">/bearer</span><span class="se">\s?</span><span class="sr">/i</span><span class="p">,</span> <span class="dl">""</span><span class="p">).</span><span class="nf">trim</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">payload</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">JwtService</span><span class="p">.</span><span class="nf">validateToken</span><span class="p">(</span><span class="nx">token</span><span class="p">);</span> <span class="p">(</span><span class="nx">req</span> <span class="k">as</span> <span class="kr">any</span><span class="p">).</span><span class="nx">user</span> <span class="o">=</span> <span class="nx">payload</span><span class="p">;</span> <span class="nf">next</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span> <span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">UNAUTHIRIZED</span><span class="p">)</span> <span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nf">httpResponseFailed</span><span class="p">(</span><span class="nx">err</span><span class="p">?.</span><span class="nx">message</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">Invalid token</span><span class="dl">"</span><span class="p">));</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>πŸ§ͺ Wire It Up in app.ts</p> <p>Attach the middleware globally or per route:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">cors</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">cors</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">apiRoutes</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./api/routes/index</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AuthMiddleware</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./api/middlewares/auth.middleware</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">corsConfig</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./config/cors</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">logger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./utils/logger</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">cors</span><span class="p">(</span><span class="nx">corsConfig</span><span class="p">));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">AuthMiddleware</span><span class="p">.</span><span class="nx">validateToken</span><span class="p">);</span> <span class="c1">// πŸ” Protect all routes</span> <span class="c1">//app.use('api/private', AuthMiddleware.validateToken, privateRoutes); - in case you want to secure only certain routes</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">logger</span><span class="p">(</span><span class="dl">"</span><span class="s2">info</span><span class="dl">"</span><span class="p">,</span> <span class="s2">`Server started on port </span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="dl">"</span><span class="s2">app.ts</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api</span><span class="dl">"</span><span class="p">,</span> <span class="nx">apiRoutes</span><span class="p">);</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">app</span><span class="p">;</span> </code></pre> </div> <p>πŸ“š Resources used</p> <p>πŸ” <a href="https://developer.okta.com/" rel="noopener noreferrer">Okta Developer Documentation</a> (OAuth 2.0 + OIDC)</p> <p>🧰 jsonwebtoken <a href="https://github.com/auth0/node-jsonwebtoken" rel="noopener noreferrer">GitHub</a> Repo</p> <p>πŸ“– Node.js Official <a href="https://nodejs.org/" rel="noopener noreferrer">Docs</a></p> <p>πŸ”Ž Express.js <a href="https://expressjs.com/en/guide/using-middleware.html" rel="noopener noreferrer">Middleware Concepts</a></p> <p>πŸ§ͺ Testing APIs with <a href="https://www.postman.com/" rel="noopener noreferrer">Postman</a></p> <p>Got questions? Drop them in the comments!<br> Stay secure and clean. πŸ”βœ¨</p> πŸ” Modern Secure Authentication in Frontend Applications (Angular & Okta Example) Yevheniia Mon, 10 Mar 2025 09:30:48 +0000 https://dev.to/yevheniia_br/angular-authentication-with-okta-secure-your-app-in-minutes-3p41 https://dev.to/yevheniia_br/angular-authentication-with-okta-secure-your-app-in-minutes-3p41 <p>Hey devs! πŸ‘‹ In this guide, we’ll integrate OAuth 2.0 + OpenID Connect step by step. If you followed my <a href="https://dev.to/yevheniia_br/securing-api-access-with-oauth-20-and-openid-connect-using-okta-48ol">previous article</a> on Okta setup, you’re all set to continue! </p> <p>What We’ll Cover</p> <p>βœ… Installing the Okta Angular SDK<br> βœ… Setting up Okta configuration<br> βœ… Creating an Okta authentication service<br> βœ… Adding logic to Login component<br> βœ… Updating Angular routing<br> βœ… Checking if the user is logged in</p> <p>Let’s get started! 🎯</p> <p>πŸ“Œ Step 1: Install Okta SDK</p> <p>Run this command to install the <a href="https://www.npmjs.com/package/@okta/okta-angular" rel="noopener noreferrer">Okta Angular SDK</a>:</p> <p>npm install <a class="mentioned-user" href="https://dev.to/okta">@okta</a>/okta-angular</p> <p>This package simplifies authentication in Angular apps using OAuth 2.0 &amp; OIDC.</p> <p>πŸ“Œ Step 2: Create okta.config.ts<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuthOptions</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-auth-js</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">oktaConfig</span><span class="p">:</span> <span class="nx">OktaAuthOptions</span> <span class="o">=</span> <span class="p">{</span> <span class="na">issuer</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://dev-your_acc.okta.com/oauth2/default</span><span class="dl">'</span><span class="p">,</span> <span class="na">clientId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your_client_id</span><span class="dl">'</span><span class="p">,</span> <span class="na">redirectUri</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nb">window</span><span class="p">.</span><span class="nx">location</span><span class="p">.</span><span class="nx">origin</span><span class="p">}</span><span class="s2">/login/callback`</span><span class="p">,</span> <span class="na">pkce</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">scopes</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">openid</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">profile</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">],</span> <span class="p">};</span> </code></pre> </div> <p>πŸ”Ή Why This Matters?</p> <p>Issuer β†’ Your Okta domain.</p> <p>Client ID β†’ From your Okta app.</p> <p>Redirect URI β†’ Must match Okta settings.</p> <p>Scopes β†’ Controls what user info can be accessed.</p> <p>πŸ“Œ Step 3: Create Okta Auth Service<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Inject</span><span class="p">,</span> <span class="nx">Injectable</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OKTA_AUTH</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-angular</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuth</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-auth-js</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">({</span> <span class="na">providedIn</span><span class="p">:</span> <span class="dl">'</span><span class="s1">root</span><span class="dl">'</span><span class="p">,</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">OktaAuthService</span> <span class="p">{</span> <span class="k">public</span> <span class="nx">isAuthenticated$</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">BehaviorSubject</span><span class="o">&lt;</span><span class="nx">boolean</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">false</span><span class="p">);</span> <span class="nf">constructor</span><span class="p">(@</span><span class="nd">Inject</span><span class="p">(</span><span class="nx">OKTA_AUTH</span><span class="p">)</span> <span class="k">private</span> <span class="nx">oktaAuth</span><span class="p">:</span> <span class="nx">OktaAuth</span><span class="p">)</span> <span class="p">{}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">signIn</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaAuth</span><span class="p">.</span><span class="nf">signInWithRedirect</span><span class="p">();</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">signOut</span><span class="p">()</span> <span class="p">{</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaAuth</span><span class="p">.</span><span class="nf">signOut</span><span class="p">();</span> <span class="p">}</span> <span class="k">public</span> <span class="nf">getAccessToken</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaAuth</span><span class="p">.</span><span class="nf">getAccessToken</span><span class="p">();</span> <span class="p">}</span> <span class="k">public</span> <span class="nf">isAuthenticated</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaAuth</span><span class="p">.</span><span class="nx">authStateManager</span><span class="p">.</span><span class="nf">getAuthState</span><span class="p">()?.</span><span class="nx">isAuthenticated</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>πŸ“Œ Step 4: Update/create login.component.ts<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Component</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuthService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">../okta-auth.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Component</span><span class="p">({</span> <span class="na">selector</span><span class="p">:</span> <span class="dl">'</span><span class="s1">app-login</span><span class="dl">'</span><span class="p">,</span> <span class="na">templateUrl</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./login.component.html</span><span class="dl">'</span><span class="p">,</span> <span class="na">styleUrl</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./login.component.scss</span><span class="dl">'</span><span class="p">,</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">LoginComponent</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="k">private</span> <span class="nx">oktaService</span><span class="p">:</span> <span class="nx">OktaAuthService</span><span class="p">)</span> <span class="p">{}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">login</span><span class="p">()</span> <span class="p">{</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaService</span><span class="p">.</span><span class="nf">signIn</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>πŸ“Œ Step 5: Update app.routes.ts<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Routes</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/router</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaCallbackComponent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-angular</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AuthGuard</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./shared/guards/auth.guard</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">routes</span><span class="p">:</span> <span class="nx">Routes</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">''</span><span class="p">,</span> <span class="na">redirectTo</span><span class="p">:</span> <span class="dl">'</span><span class="s1">main</span><span class="dl">'</span><span class="p">,</span> <span class="na">pathMatch</span><span class="p">:</span> <span class="dl">'</span><span class="s1">full</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">login/callback</span><span class="dl">'</span><span class="p">,</span><span class="c1">//Handles Okta’s redirect callback after login.</span> <span class="na">component</span><span class="p">:</span> <span class="nx">OktaCallbackComponent</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">login</span><span class="dl">'</span><span class="p">,</span> <span class="na">loadChildren</span><span class="p">:</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="k">import</span><span class="p">(</span><span class="dl">'</span><span class="s1">./pages/login/login.module</span><span class="dl">'</span><span class="p">).</span><span class="nf">then</span><span class="p">(</span><span class="nx">m</span> <span class="o">=&gt;</span> <span class="nx">m</span><span class="p">.</span><span class="nx">LoginModule</span><span class="p">),</span> <span class="p">},</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">main</span><span class="dl">'</span><span class="p">,</span> <span class="na">loadChildren</span><span class="p">:</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="k">import</span><span class="p">(</span><span class="dl">'</span><span class="s1">./pages/main/main.module</span><span class="dl">'</span><span class="p">).</span><span class="nf">then</span><span class="p">(</span><span class="nx">m</span> <span class="o">=&gt;</span> <span class="nx">m</span><span class="p">.</span><span class="nx">MainModule</span><span class="p">),</span> <span class="na">canActivate</span><span class="p">:</span> <span class="p">[</span><span class="nx">AuthGuard</span><span class="p">],</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="na">okta</span><span class="p">:</span> <span class="p">{</span> <span class="na">acrValues</span><span class="p">:</span> <span class="dl">'</span><span class="s1">urn:okta:loa:2fa:any</span><span class="dl">'</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">];</span> </code></pre> </div> <p>πŸ“Œ Step 6: Update app.config.ts (e.g. This ensures OktaAuth is globally available in your app.)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">ApplicationConfig</span><span class="p">,</span> <span class="nx">importProvidersFrom</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">provideRouter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/router</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">provideAnimationsAsync</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/platform-browser/animations/async</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">provideAnimations</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/platform-browser/animations</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuthModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-angular</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuth</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@okta/okta-auth-js</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">routes</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./app.routes</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">oktaConfig</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./configs/okta.config</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">appConfig</span><span class="p">:</span> <span class="nx">ApplicationConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="na">providers</span><span class="p">:</span> <span class="p">[</span> <span class="nf">provideRouter</span><span class="p">(</span><span class="nx">routes</span><span class="p">),</span> <span class="nf">provideAnimationsAsync</span><span class="p">(),</span> <span class="nf">provideAnimations</span><span class="p">(),</span> <span class="nf">importProvidersFrom</span><span class="p">(</span> <span class="nx">OktaAuthModule</span><span class="p">.</span><span class="nf">forRoot</span><span class="p">({</span> <span class="na">oktaAuth</span><span class="p">:</span> <span class="k">new</span> <span class="nc">OktaAuth</span><span class="p">({</span> <span class="p">...</span><span class="nx">oktaConfig</span><span class="p">,</span> <span class="p">}),</span> <span class="p">}),</span> <span class="p">),</span> <span class="p">]</span> <span class="p">};</span> </code></pre> </div> <p>πŸ“Œ Step 7: Check If User is Logged In and Set Auth State<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">CommonModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Component</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">RouterOutlet</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/router</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">OktaAuthService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./shared/services/okta-auth.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Component</span><span class="p">({</span> <span class="na">selector</span><span class="p">:</span> <span class="dl">'</span><span class="s1">app-root</span><span class="dl">'</span><span class="p">,</span> <span class="na">standalone</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">imports</span><span class="p">:</span> <span class="p">[</span><span class="nx">RouterOutlet</span><span class="p">,</span> <span class="nx">CommonModule</span><span class="p">],</span> <span class="na">templateUrl</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./app.component.html</span><span class="dl">'</span><span class="p">,</span> <span class="na">styleUrl</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./app.component.scss</span><span class="dl">'</span><span class="p">,</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">AppComponent</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="k">private</span> <span class="nx">oktaService</span><span class="p">:</span> <span class="nx">OktaAuthService</span><span class="p">)</span> <span class="p">{}</span> <span class="nf">ngOnInit</span><span class="p">()</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">oktaService</span><span class="p">.</span><span class="nx">isAuthenticated$</span><span class="p">.</span><span class="nf">next</span><span class="p">(</span><span class="k">this</span><span class="p">.</span><span class="nx">oktaService</span><span class="p">.</span><span class="nf">isAuthenticated</span><span class="p">()</span> <span class="o">||</span> <span class="kc">false</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>🎯 Now your Angular app is secured with Okta authentication!</p> <p>➑️ In my next article, we’ll secure API requests with access tokens &amp; backend verification. Stay tuned!</p> <p>Got questions? Drop them in the comments!</p> πŸ” Securing API Access with OAuth 2.0 and OpenID Connect using Okta Yevheniia Sat, 08 Mar 2025 11:30:33 +0000 https://dev.to/yevheniia_br/securing-api-access-with-oauth-20-and-openid-connect-using-okta-48ol https://dev.to/yevheniia_br/securing-api-access-with-oauth-20-and-openid-connect-using-okta-48ol <p>Hey devs! πŸ‘‹ Today, we’re diving into how to secure your API using OAuth 2.0 and OpenID Connect (OIDC) with Okta. Whether you’re building an Angular app or setting up RBAC (Role-Based Access Control), this guide will walk you through the Okta setup from scratchβ€”no prior experience needed!</p> <p>πŸš€ What We’ll Cover</p> <p>βœ… Setting up Okta from the very beginning (no account? No problem!)<br> βœ… Creating user groups and assigning access (RBAC in action)<br> βœ… Setting up an OAuth 2.0 app in Okta<br> βœ… Configuring authentication &amp; API policies</p> <p>πŸ”§ Step 1: Get an Okta Developer Account</p> <p>First thing we need is an Okta Developer Edition account. It’s free and gives us everything we need for secure authentication.</p> <p>1️⃣ Go to <a href="https://developer.okta.com/signup/" rel="noopener noreferrer">Okta Developer</a> and click Sign Up.</p> <p>2️⃣ Select Developer Edition<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjevxmlo6ak4umf8px85z.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjevxmlo6ak4umf8px85z.png" alt="okta_developer_edition" width="800" height="360"></a></p> <p>3️⃣ Fill in your email, company name, and region. Note: Okta requires business email, if you don't have one you can quickly buy it for a cheap price (e.g. domain can be bought on <a href="https://www.godaddy.com/" rel="noopener noreferrer">GoDaddy</a> while custom email address on <a href="https://account.proton.me/" rel="noopener noreferrer">proton</a>)</p> <p>4️⃣ Verify your email and log in to your Okta Admin Dashboard.</p> <p>Once you’re in, you’ll see your Okta domain at the top (something like <a href="https://dev-xxxxxx.okta.com" rel="noopener noreferrer">https://dev-xxxxxx.okta.com</a>). Save thisβ€”it’s important!</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fow0fdfr3q16kd8g8cjp2.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fow0fdfr3q16kd8g8cjp2.jpg" alt="okta_domain" width="800" height="116"></a></p> <p>πŸ‘₯ Step 2: Set Up User Groups for RBAC</p> <p>Using groups in Okta makes access control easy. Instead of manually managing users, we’ll create a group and assign access at the group level.</p> <p>πŸ“Œ Create a Group</p> <p>1️⃣ In the Okta Admin Dashboard, go to Directory β†’ Groups.</p> <p>2️⃣ Click "Add Group".</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F78mwlvge5d97cdjwdtwn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F78mwlvge5d97cdjwdtwn.png" alt="okta_groups" width="800" height="433"></a><br> 3️⃣ Give it a name and add short description.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1z0bi3njld2v0q0m7kpn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1z0bi3njld2v0q0m7kpn.png" alt="okta_groups" width="800" height="208"></a></p> <p>4️⃣ Your new group can be found here ⬇️<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1alxkmm887rc9dkcbao5.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1alxkmm887rc9dkcbao5.png" alt="okta_groups" width="800" height="290"></a></p> <p>πŸ“Œ Add Users to the Group</p> <p>1️⃣ Go to Directory β†’ Groups.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmpacmbkb1wq7hbg9pvaw.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmpacmbkb1wq7hbg9pvaw.png" alt="okta_groups_users" width="800" height="336"></a></p> <p>2️⃣ Inside groups locate the desired group and click on it<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0xzcvecdjp24hnuc89sg.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0xzcvecdjp24hnuc89sg.png" alt="okta_groups_users" width="800" height="336"></a></p> <p>3️⃣ Click "Assign people".<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9nmhcof4fuivfpkmv5bf.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9nmhcof4fuivfpkmv5bf.jpg" alt="okta_groups_users" width="800" height="335"></a></p> <p>4️⃣ Click on plus button near the desired user.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcjzraoijf2kk2bt8ayu2.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcjzraoijf2kk2bt8ayu2.jpg" alt="okta_groups_users" width="800" height="335"></a></p> <p>🎯 Why This Matters:<br> RBAC (Role-Based Access Control) ensures only the right users can log in to your app. Later, we’ll restrict API access to this group.</p> <p>πŸ› οΈ Step 3: Create an OAuth 2.0 App in Okta</p> <p>Now, let’s register our Angular app in Okta so it can use OAuth 2.0 and OpenID Connect (OIDC) for authentication.</p> <p>πŸ“Œ Create a New App</p> <p>1️⃣ Go to Applications β†’ Applications β†’ Create App Integration.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm4vrhow5g258umpenixe.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm4vrhow5g258umpenixe.png" alt="okta_app" width="800" height="302"></a></p> <p>2️⃣ Choose "OIDC - OpenID Connect" as the sign-in method.</p> <p>3️⃣ Select "Single Page Application (SPA)" as the app type.</p> <p>4️⃣ Click Next.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh4j28jgp7uekajgrgd8t.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh4j28jgp7uekajgrgd8t.png" alt="okta_app" width="800" height="640"></a></p> <p>πŸ“Œ Give it a name and configure redirect URIs</p> <p>1️⃣ Base URI β†’ <a href="http://localhost:4200" rel="noopener noreferrer">http://localhost:4200</a></p> <p>2️⃣ Login Redirect URI β†’ <a href="http://localhost:4200/login/callback" rel="noopener noreferrer">http://localhost:4200/login/callback</a></p> <p>3️⃣ Logout Redirect URI β†’ <a href="http://localhost:4200" rel="noopener noreferrer">http://localhost:4200</a></p> <p>πŸ“Œ Enable OAuth 2.0 Grant Types</p> <p>1️⃣ Inside grant type section enable:<br> βœ… Authorization Code (more secure than implicit flow).<br> βœ… Refresh Token (for session persistence).</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkkhma0tm6h7afu99nix6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkkhma0tm6h7afu99nix6.png" alt="okta_app" width="800" height="585"></a></p> <p>πŸ“Œ Set Controlled Access</p> <p>1️⃣ Select "Limit access to selected groups".</p> <p>2️⃣ Choose the groups (this restricts access to only assigned users).</p> <p>3️⃣ Click Save.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcj9riqib9iyvsusg7hwz.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcj9riqib9iyvsusg7hwz.png" alt="okta_app" width="800" height="176"></a></p> <p>Now our Angular app is registered with Okta and ready to authenticate users! πŸŽ‰</p> <p>πŸ”’ Step 4: Configure Authentication &amp; API Access Policies</p> <p>Okta uses authentication policies to control who can log in and API policies to manage who gets access tokens. Let’s configure both!</p> <p>πŸ“Œ Set Up Authentication Policy (2FA Required!)</p> <p>We want our users to log in with password + Okta Verify (TOTP) for extra security. By default Okta applies 'Any two factors' to new apps, but we have to ensure on it.</p> <p>1️⃣ Go to Security β†’ Authentication Policies and ensure the 'Any two factors' policy was applied to our app.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6udhdd7wifaau3zi14n8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6udhdd7wifaau3zi14n8.png" alt="okta_security" width="800" height="365"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa3e5l8d0t8gtnbdjagph.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa3e5l8d0t8gtnbdjagph.png" alt="okta_security" width="800" height="365"></a></p> <p><strong>If not - then create the new one and apply it to the app:</strong><br> 2️⃣ Click Create Policy β†’ Name it 'Angular Users Policy'.</p> <p>3️⃣ Under Rules, set:<br> βœ… Require Password (Knowledge Factor).<br> βœ… Require Okta Verify - TOTP (Possession Factor).</p> <p>4️⃣ Click Save and assign this policy to our Angular app.</p> <p>πŸ“Œ Configure API Authorization Policies</p> <blockquote> <p>πŸš€ Why Restrict API Tokens at the User Level, Not Just the App?<br> Imagine an attacker registers another app inside Oktaβ€”if API policies only checked app authentication, this fake app could get valid access tokens! 😱<br> By locking API tokens to specific user groups, we ensure that only authorized users within trusted apps can access our API. πŸ”</p> </blockquote> <p>1️⃣ Prepare the ClientId of our angular app<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe1zlxwde4xfd2apo7x7o.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe1zlxwde4xfd2apo7x7o.jpg" alt="okta_client_id" width="800" height="365"></a></p> <p>2️⃣ Go to Security β†’ API β†’ Authorization Servers.</p> <p>3️⃣ Click "default" Authorization Server β†’ Go to Access Policies.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmykmg43fgtzmpf0los6d.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmykmg43fgtzmpf0los6d.jpg" alt="okta_security" width="800" height="365"></a></p> <p>4️⃣ Click "Add Policy", give it a name (e.g. 'angular_app_policy'), and assign it to your angular app using its ClientID.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnuvv70amt542zclrc59n.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnuvv70amt542zclrc59n.png" alt="okta_security" width="800" height="393"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffszr8s695sfb4po9fgmw.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffszr8s695sfb4po9fgmw.jpg" alt="okta_security" width="800" height="365"></a></p> <p>5️⃣ Add a Rule:<br> βœ… Allow Authorization Code with PKCE.<br> βœ… Apply it only to desired groups.<br> βœ… Allow Scopes (optional): openid, profile, email (restrict access to only necessary data).</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F65zcstnq9fmpbfz7mmne.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F65zcstnq9fmpbfz7mmne.png" alt="okta_security" width="708" height="744"></a></p> <p>6️⃣ Click Save.</p> <p>🎯 Why This Matters:</p> <p>βœ… Ensures only authenticated users can get API tokens.<br> βœ… Restricts API access based on user groups.<br> βœ… Uses scopes to limit what data users can access.</p> <blockquote> <p>πŸ”₯ What’s Next? Frontend &amp; Backend Integration!<br> Now that Okta is fully set up, it’s time to connect it to our Angular app and backend.<br> πŸš€ Next Article: How to authenticate users in Angular &amp; secure API requests.<br> πŸ” Upcoming: Backend token verification &amp; advanced security best practices.<br> πŸ›Ž Stay tuned &amp; follow for updates!</p> </blockquote> <p>πŸ”‘ Wrapping Up</p> <p>In this guide, we:<br> βœ… Created an Okta Developer account from scratch.<br> βœ… Set up user groups for RBAC.<br> βœ… Registered an OAuth 2.0 app in Okta.<br> βœ… Configured authentication policies (password + 2FA).<br> βœ… Set API authorization rules to restrict access.</p> <p>With this setup, your app is now secure using OAuth 2.0, OpenID Connect, and Role-Based Access Control. πŸš€</p> <p>Let me know in the comments if you have any questions, and check out my next posts on frontend and backend authentication &amp; token verification! πŸ”₯</p> Data Polling on the Backend for Long-Running HTTP Requests: NestJS Example Yevheniia Sat, 16 Nov 2024 16:37:40 +0000 https://dev.to/yevheniia_br/data-polling-on-the-backend-for-long-running-http-requests-nestjs-example-28jb https://dev.to/yevheniia_br/data-polling-on-the-backend-for-long-running-http-requests-nestjs-example-28jb <p>Following my previous article on <a href="https://dev.to/yevheniia_br/data-polling-on-the-frontend-for-long-running-http-requests-angular-example-4b0a">long-runnig http requests handling on the frontend</a>, I’d like to demonstrate how to implement data polling on the backend. This example uses a NestJS server app, PostgreSQL database, and Prisma ORM. However, this approach is universal and can be applied with any other programming language, framework, or database.</p> <blockquote> <p><strong>Here’s the workflow:</strong></p> <ol> <li>A <code>/purchase/execute</code> HTTP request is received.</li> <li>A new <code>taskId</code> is generated, and a new entity is created in the tasks table of the database.</li> <li>The method responsible for purchase execution is called in the background with taskId as an argument (without waiting for its result).</li> <li>The server returns an <code>HTTP 202 status</code> and the taskId to the client.</li> <li>Once the purchase execution method finishes, the result is stored in the database.</li> <li>The client polls<code>/purchase/execution-status/${taskId}</code> until the status is <code>"done"</code>, at which point the response is returned.</li> <li>The database is cleaned up automatically using TTL (e.g., AWS RDS with expireAt). Alternatively, you can use a Cron job to periodically remove expired tasks.</li> </ol> </blockquote> <p><strong>Here’s how this workflow can be implemented in NestJS:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">//purchase.controller.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Controller</span><span class="p">,</span> <span class="nx">Post</span><span class="p">,</span> <span class="nx">UseGuards</span><span class="p">,</span> <span class="nx">Body</span><span class="p">,</span> <span class="nx">Get</span><span class="p">,</span> <span class="nx">Param</span><span class="p">,</span> <span class="nx">Res</span><span class="p">,</span> <span class="nx">HttpStatus</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">ApiBearerAuth</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/swagger</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Response</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">jsend</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">jsend</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AuthenticatedGuard</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">../auth/auth.guard</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">PurchaseService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./purchase.service</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">TasksService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">../tasks/tasks.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Controller</span><span class="p">(</span><span class="dl">'</span><span class="s1">purchase</span><span class="dl">'</span><span class="p">)</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">PurchaseController</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">purchaseService</span><span class="p">:</span> <span class="nx">PurchaseService</span><span class="p">,</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">tasksService</span><span class="p">:</span> <span class="nx">TasksService</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="p">@</span><span class="nd">UseGuards</span><span class="p">(</span><span class="nx">AuthenticatedGuard</span><span class="p">)</span> <span class="p">@</span><span class="nd">ApiBearerAuth</span><span class="p">()</span> <span class="p">@</span><span class="nd">Post</span><span class="p">(</span><span class="dl">'</span><span class="s1">execute</span><span class="dl">'</span><span class="p">)</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">executePurchase</span><span class="p">(</span> <span class="p">@</span><span class="nd">Body</span><span class="p">()</span> <span class="nx">executePurchaseDto</span><span class="p">:</span> <span class="p">{</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">goods</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">productId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">quantity</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">;</span> <span class="p">},</span> <span class="p">@</span><span class="nd">Res</span><span class="p">()</span> <span class="nx">res</span><span class="p">:</span> <span class="nx">Response</span><span class="p">,</span> <span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">taskId</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">tasksService</span><span class="p">.</span><span class="nf">createTask</span><span class="p">();</span> <span class="k">this</span><span class="p">.</span><span class="nx">purchaseService</span><span class="p">.</span><span class="nf">executePurchase</span><span class="p">(</span> <span class="nx">executePurchaseDto</span><span class="p">,</span> <span class="nx">taskId</span><span class="p">,</span> <span class="p">);</span> <span class="nx">res</span> <span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">ACCEPTED</span><span class="p">)</span> <span class="p">.</span><span class="nf">send</span><span class="p">({</span> <span class="nx">taskId</span><span class="p">,</span> <span class="na">status</span><span class="p">:</span> <span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">ACCEPTED</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="p">@</span><span class="nd">UseGuards</span><span class="p">(</span><span class="nx">AuthenticatedGuard</span><span class="p">)</span> <span class="p">@</span><span class="nd">ApiBearerAuth</span><span class="p">()</span> <span class="p">@</span><span class="nd">Get</span><span class="p">(</span><span class="dl">'</span><span class="s1">execution-status/:taskId</span><span class="dl">'</span><span class="p">)</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">getPurchaseExecutionStatus</span><span class="p">(</span> <span class="p">@</span><span class="nd">Param</span><span class="p">(</span><span class="dl">'</span><span class="s1">taskId</span><span class="dl">'</span><span class="p">)</span> <span class="nx">taskId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">@</span><span class="nd">Res</span><span class="p">()</span> <span class="nx">res</span><span class="p">:</span> <span class="nx">Response</span><span class="p">,</span> <span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">purchaseService</span><span class="p">.</span><span class="nf">getPurchaseExecutionStatus</span><span class="p">(</span> <span class="nx">taskId</span><span class="p">,</span> <span class="p">);</span> <span class="k">return</span> <span class="nx">res</span> <span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">OK</span><span class="p">)</span> <span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nx">jsend</span><span class="p">.</span><span class="nf">success</span><span class="p">(</span><span class="nx">result</span><span class="p">));</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">//purchase.service.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Injectable</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Task</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@prisma/client</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">TasksService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">../tasks/tasks.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">PurchaseService</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="k">readonly</span> <span class="nx">tasksService</span><span class="p">:</span> <span class="nx">TasksService</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">executePurchase</span><span class="p">(</span> <span class="nx">executePurchaseDto</span><span class="p">:</span> <span class="p">{</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">goods</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">productId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">quantity</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">;</span> <span class="p">},</span> <span class="nx">taskId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nf">processPurchase</span><span class="p">(</span> <span class="nx">executePurchaseDto</span><span class="p">,</span> <span class="nx">taskId</span><span class="p">,</span> <span class="p">);</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">tasksService</span><span class="p">.</span><span class="nf">updateTaskById</span><span class="p">(</span><span class="nx">res</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">getPurchaseExecutionStatus</span><span class="p">(</span> <span class="nx">taskId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Task</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">tasksService</span><span class="p">.</span><span class="nf">getTaskById</span><span class="p">(</span> <span class="nx">taskId</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">processPurchase</span><span class="p">(</span> <span class="nx">executePurchaseDto</span><span class="p">:</span> <span class="p">{</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">goods</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">productId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">quantity</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">;</span> <span class="p">},</span> <span class="nx">taskId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="c1">// Your purchase handling logic here</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="p">{};</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">result</span><span class="p">,</span> <span class="nx">taskId</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">//tasks.service.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Injectable</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">v4</span> <span class="k">as</span> <span class="nx">uuidv4</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">uuid</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Task</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@prisma/client</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">PrismaService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">src/prisma/prisma.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">TasksService</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="nx">prismaService</span><span class="p">:</span> <span class="nx">PrismaService</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">createTask</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">string</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">currentDate</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">createdAt</span> <span class="o">=</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">floor</span><span class="p">(</span> <span class="nx">currentDate</span> <span class="o">/</span> <span class="mi">1000</span><span class="p">,</span> <span class="p">);</span> <span class="c1">// in seconds</span> <span class="kd">const</span> <span class="nx">expireAt</span> <span class="o">=</span> <span class="nx">createdAt</span> <span class="o">+</span> <span class="mi">900</span><span class="p">;</span> <span class="c1">// + 15 minutes</span> <span class="kd">const</span> <span class="nx">params</span> <span class="o">=</span> <span class="p">{</span> <span class="na">taskId</span><span class="p">:</span> <span class="nf">uuidv4</span><span class="p">(),</span> <span class="na">createdAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span> <span class="nx">currentDate</span><span class="p">,</span> <span class="p">).</span><span class="nf">toISOString</span><span class="p">(),</span> <span class="na">status</span><span class="p">:</span> <span class="dl">'</span><span class="s1">processing</span><span class="dl">'</span><span class="p">,</span> <span class="na">response</span><span class="p">:</span> <span class="dl">'</span><span class="s1">-</span><span class="dl">'</span><span class="p">,</span> <span class="nx">expireAt</span><span class="p">,</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">newTask</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prismaService</span><span class="p">.</span><span class="nx">task</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="p">...</span><span class="nx">params</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">newTask</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">HttpException</span><span class="p">(</span> <span class="dl">'</span><span class="s1">Failed to create a task</span><span class="dl">'</span><span class="p">,</span> <span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">INTERNAL_SERVER_ERROR</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">params</span><span class="p">.</span><span class="nx">taskId</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">getTaskById</span><span class="p">(</span> <span class="nx">taskId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Task</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">task</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prismaService</span><span class="p">.</span><span class="nx">task</span><span class="p">.</span><span class="nf">findUnique</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="nx">taskId</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">task</span><span class="p">)</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">HttpException</span><span class="p">(</span> <span class="dl">"</span><span class="s2">Task doesn't exist</span><span class="dl">"</span><span class="p">,</span> <span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">BAD_REQUEST</span><span class="p">,</span> <span class="p">);</span> <span class="k">return</span> <span class="nx">task</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">updateTaskById</span><span class="p">({</span> <span class="nx">taskId</span><span class="p">,</span> <span class="nx">result</span><span class="p">,</span> <span class="p">}):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">updatedTask</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prismaService</span><span class="p">.</span><span class="nx">task</span><span class="p">.</span><span class="nf">update</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="nx">taskId</span> <span class="p">},</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="na">response</span><span class="p">:</span> <span class="nx">result</span><span class="p">,</span> <span class="na">status</span><span class="p">:</span> <span class="dl">'</span><span class="s1">done</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">updatedTask</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">HttpException</span><span class="p">(</span> <span class="dl">'</span><span class="s1">Failed to update task</span><span class="dl">'</span><span class="p">,</span> <span class="nx">HttpStatus</span><span class="p">.</span><span class="nx">INTERNAL_SERVER_ERROR</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">//prisma.service.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Injectable</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">ConfigService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/config</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">PrismaClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@prisma/client</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">PrismaService</span> <span class="kd">extends</span> <span class="nc">PrismaClient</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">public</span> <span class="nx">configService</span><span class="p">:</span> <span class="nx">ConfigService</span><span class="p">,</span> <span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">({</span> <span class="na">datasources</span><span class="p">:</span> <span class="p">{</span> <span class="na">db</span><span class="p">:</span> <span class="p">{</span> <span class="na">url</span><span class="p">:</span> <span class="nx">configService</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">DATABASE_URL</span><span class="dl">'</span><span class="p">),</span> <span class="p">},</span> <span class="p">},</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Thanks for reading and feel free to shair your feedback)</strong></p> polling nestjs node typescript Data Polling on the Frontend for Long-Running HTTP Requests: Angular Example Yevheniia Sat, 14 Sep 2024 17:09:10 +0000 https://dev.to/yevheniia_br/data-polling-on-the-frontend-for-long-running-http-requests-angular-example-4b0a https://dev.to/yevheniia_br/data-polling-on-the-frontend-for-long-running-http-requests-angular-example-4b0a <h2> What is polling, and when does it come into play? </h2> <p>Polling is like checking your mailbox every few minutes, hoping for that important letter. In programming, it refers to repeatedly sending requests to the server at regular intervals to check if new data is available.</p> <p><strong>Real-world scenario:</strong><br> Imagine a web app - an internet-shop with both frontend and backend parts. After selecting items, a customer proceeds to the cart and clicks the <strong>'buy'</strong> button. When this happens, the frontend sends a <code>/buy</code> <strong>HTTP</strong> request to the backend. The backend then performs several operations to complete the purchase:</p> <ol> <li>Creating a new order entry.</li> <li>Updating the database for the selected items.</li> <li>Handling third-party communications for payment processing.</li> </ol> <p>These actions can take anywhere from a few seconds to a few minutes. To avoid keeping the client waiting for so long, the backend often responds immediately with a <strong>202 Accepted</strong> status and a <strong>taskId</strong>, while continuing to process the request in the background. The frontend's role here is to poll the server at regular intervals using the taskId to check when the data is ready.</p> <h2> In this article, I’ll show you a simple and effective way to implement polling into an Angular frontend app: </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>**cart.component.ts** import { Component, OnInit } from '@angular/core'; import { take } from 'rxjs'; import { HttpService } from '../../modules/shared/services/http.service'; import { AuthService } from '../../modules/shared/services/auth.service'; @Component({ selector: 'app-cart', templateUrl: './cart.component.html', styleUrl: './cart.component.scss', }) export class CartComponent implements OnInit { constructor( private readonly httpService: HttpService, private readonly authService: AuthService, ) {} ngOnInit() {} private executePurchase(selectedGoods: Array&lt;{productId:string; quantity:number;}&gt;): void { const params = { userId: this.authService.currentUserId, goods: [...selectedGoods], }; this.httpService .executePurchase(params) .pipe(take(1)) .subscribe({ next: res =&gt; { console.log(res); //here your logic }, error: err =&gt; console.error(err), }); } } </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>**http.service.ts** import { HttpClient } from '@angular/common/http'; import { Injectable } from '@angular/core'; import { Observable, catchError, delay, filter, map, of, startWith, switchMap, timer } from 'rxjs'; import { AppConfig } from '../../../configs/app.config'; import { IResponse } from '../interfaces/response.interface'; import { ParsePurchaseService } from './parse-purchase.service'; import { IPurchase, IExecutePurchaseResponse } from '../interfaces/purchase.interface'; @Injectable({ providedIn: 'root', }) export class HttpService { constructor( private readonly http: HttpClient, private readonly parsePurchaseService: ParsePurchaseService, ) {} public executePurchase(params: IPurchase): Observable&lt;IExecutePurchaseResponse&gt; { return this.executePurchaseRequest(params); } public pollData(url: string, interval: number): Observable&lt;any&gt; { return timer(0, interval).pipe( startWith(null), // Start with null to avoid immediate emission at the beginning delay(interval), switchMap(() =&gt; this.http.get&lt;any&gt;(url)), catchError(error =&gt; { throw new Error(`Polling error: ${error}`); }), ); } private executePurchaseRequest(params: IPurchase): Observable&lt;IExecutePurchaseResponse&gt; { return this.http.post&lt;IResponse&gt;(`${AppConfig.API_URL}/purchase/execute`, params).pipe( switchMap(data =&gt; { if (data.status === 200) { return of(data).pipe( map(parsedData =&gt; this.parsePurchasesService.parseCommitedPurchaseResponse(parsedData.data)), ); } else if (data.status === 202 &amp;&amp; data.data.taskId) { return this.pollData( `${AppConfig.API_URL}/purchase/execution-status/${data.data.taskId}`, //every 5 seconds poll server 5000, ).pipe( filter(res =&gt; res?.data?.status === 'done'), map(parsedData =&gt; this.parsePurchasesService.parseCommitedPurchaseResponse(parsedData.data)), ); } else { return of(data).pipe( map(parsedData =&gt; this.parsePurchasesService.parseCommitedPurchaseResponse(parsedData.data)), ); } }), catchError(error =&gt; { throw error; }), ); } } </code></pre> </div> <p><strong>Thanks for reading, hope it was useful, please feel free to comment))</strong></p> Data caching in NestJS Yevheniia Sat, 17 Aug 2024 11:03:33 +0000 https://dev.to/yevheniia_br/data-caching-in-nestjs-55m1 https://dev.to/yevheniia_br/data-caching-in-nestjs-55m1 <p><strong>Feeling like your NestJS API is lagging under heavy traffic?</strong> <br> <strong>Caching could be a secret weapon!</strong></p> <p><strong>Why Use Caching?</strong><br> Let's imagine running an e-commerce site where users frequently request products lists. Each request hits the database, slowing down performance as traffic grows. Caching helps by storing the product list temporarily, so subsequent requests are served faster without hitting the database again.</p> <p><strong>In this article, I'm going to show you how to implement data caching into NestJS app using <a href="https://www.npmjs.com/package/@nestjs/cache-manager" rel="noopener noreferrer">@nestjs/cache-manager cache-manager</a></strong></p> <ol> <li>Install the package <code>npm install @nestjs/cache-manager</code> </li> </ol> <p>2.In your module, import the cache module<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import { Module } from '@nestjs/common'; import { CacheModule } from '@nestjs/cache-manager'; @Module({ imports: [CacheModule.register()], }) export class ProductsModule {} </code></pre> </div> <p>3.Inject the cache manager into your service and use it like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import { Inject, Injectable } from '@nestjs/common'; import { CACHE_MANAGER } from '@nestjs/cache-manager'; import { Cache } from 'cache-manager'; @Injectable() export class ProductsService { private readonly productsCacheKey: string = 'your_key_here'; constructor( @Inject(CACHE_MANAGER) private readonly cacheManager: Cache, ) {} public async set( data: IProduct[], ttl: number = 100000, ): Promise&lt;void&gt; { await this.cacheManager.set( productsCacheKey, JSON.stringify(data), ttl, ); } public async get(): Promise&lt;string&gt; { return await this.cacheManager.get(productsCacheKey); } public async delete(): Promise&lt;boolean&gt; { await this.cacheManager.del(productsCacheKey); return true; } //Other methods } </code></pre> </div> <p><strong>By adding caching to your NestJS app with @nestjs/cache-manager, you can improve performance and make your application handle high traffic more efficiently. Give it a try and see the difference it makes!</strong></p> Set data in localStorage with a limited time to live (TTL) Yevheniia Sun, 11 Aug 2024 12:58:38 +0000 https://dev.to/yevheniia_br/set-data-to-localstorage-with-limited-time-to-live-233g https://dev.to/yevheniia_br/set-data-to-localstorage-with-limited-time-to-live-233g <h2> Sometimes we need to set data in browser localStorage with a time to live (TTL). </h2> <blockquote> <p><strong>Real-world example</strong><br> We have an online store with a cart and liked products. A new customer comes to our store and, without authorization, starts adding products to the cart or liked list. In this case, we store each product from the shopping cart in browser localStorage. However, we don’t need to keep them there forever, localStorage is not infinite. If the user doesn’t continue the purchase within the next month, it means he/she might have lost interest, and we can clean that data from localStorage.</p> </blockquote> <p><strong>How can we do that?</strong><br> Obviously, we can’t achieve this simply using the setTimeout methodπŸ™‚</p> <blockquote> <p><strong>Option 1.</strong> We can set data in localStorage with the current date and expiration date fields and manually implement a function that checks whether the data has expired every time the page is reloaded and removes it if it has.<br> <strong>Option 2.</strong> This is much easier. Just use a ready-made solutionβ€” <a href="https://www.npmjs.com/package/localstorage-slim" rel="noopener noreferrer">localstorage-slim</a>. We can set values in localStorage with a TTL, and this package will handle the expiration and removal for us, so no extra checks are needed.</p> </blockquote> <p><strong>Here is an example of a vanilla JavaScript implementation:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>**index.html** &lt;!doctype html&gt; &lt;html lang="en"&gt; &lt;head&gt; &lt;meta charset="utf-8" /&gt; &lt;title&gt;Test localstorage-slim&lt;/title&gt; &lt;meta name="viewport" content="width=device-width, initial-scale=1" /&gt; &lt;link rel="icon" type="image/x-icon" href="../favicon.ico" /&gt; &lt;link rel="stylesheet" href="./css/main.css" type="text/css"&gt; &lt;/head&gt; &lt;body&gt; &lt;script src="https://cdn.jsdelivr.net/npm/localstorage-slim"&gt;&lt;/script&gt; &lt;script src="./js/main.js"&gt; &lt;/script&gt; &lt;/body&gt; &lt;/html&gt; **main.js** const localStorageKey = ""; //your key here const goodsIds = ["1", "2", "3"]; //set data ls.set(localStorageKey, JSON.stringify(goodsIds), { ttl: 604800, }); //one week in seconds //get data const dataFromLs = ls.get(localStorageKey); </code></pre> </div> Using ng-content in Angular. Simple DropDownComponent. Yevheniia Sat, 03 Aug 2024 16:04:31 +0000 https://dev.to/yevheniia_br/using-ng-content-in-angular-simple-dropdowncomponent-3fl5 https://dev.to/yevheniia_br/using-ng-content-in-angular-simple-dropdowncomponent-3fl5 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgxfjj1fgxv4qcyq6rnjb.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgxfjj1fgxv4qcyq6rnjb.png" alt=" " width="800" height="450"></a></p> <h2> ng-content </h2> <p>Is a directive that allows content projection, enabling us to insert and display content within a component's template from its parent component.</p> <h2> When it might be useful? </h2> <p>Let’s imagine that we have the drop-down component. We reuse this component in a many different places within our app.The drop-down itself always looks the same, only the options inside are changing. The design of the menu always is the same.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv5z63lbqn4e8lwgsgw5j.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv5z63lbqn4e8lwgsgw5j.png" alt=" " width="198" height="188"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv4q3v6jw3i8wliljuec0.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv4q3v6jw3i8wliljuec0.png" alt=" " width="168" height="213"></a></p> <p><strong>But the trigger of that dropdown might have a few different views.</strong></p> <p>View number 1:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7couyo2cpixaoa2y4z1m.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7couyo2cpixaoa2y4z1m.png" alt=" " width="154" height="88"></a></p> <p>View number 2:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn6lenfzhtszng8ce6lrt.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn6lenfzhtszng8ce6lrt.png" alt=" " width="158" height="80"></a></p> <p>View number 3:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu9fyj9vomx9m5e6k9d9b.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu9fyj9vomx9m5e6k9d9b.png" alt=" " width="189" height="87"></a></p> <p><strong>How many ways do we have to implement it?</strong><br> Solution number 1: add an @Input() decorator to with a type of trigger view and use it’s value as an *if-expression inside HTML.</p> <p>Solution number 2: add an @Input() same as in the previous one and use its value for *ngSwitch with the several possible *cases inside HTML.</p> <p>Solution number 3: no extra @Input() decorator inside , no extra expressions inside HTML, we going to use ng-content.</p> <p>For sure those ways are only part of all possible ones, there are certainly others, it’s just 3 of the fastest ones from my point of view:) If you usually use another one feel free to share it in the comments.</p> <p><strong>In this article, I’m going to show you how to create the simple drop-down component with differrent views of it’s trigger using ng-content.</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>DropDownComponent.html &lt;div class="drop-down-component"&gt; &lt;div #dropDownMenuTrigger (click)="openDropDown()" class="drop-down-component__trigger"&gt; &lt;ng-content select="[drop-down-trigger]"&gt;&lt;/ng-content&gt; &lt;/div&gt; &lt;ul class="drop-down__list"&gt; &lt;li *ngFor="let option of dropDownData" class="drop-down-component__option"&gt; &lt;a (click)="selectOption(option)" class="drop-down-component__option-name" role="button"&gt; {{ option.name }} &lt;/a&gt; &lt;/li&gt; &lt;/ul&gt; &lt;/div&gt; DropDownComponent.ts public isDropDownVisible: boolean = false; @Input() dropDownData: ITDropDown[] | null = null; @ViewChild('dropDownMenuTrigger', { read: ElementRef, static: false }) dropDownMenuTrigger: ElementRef; public openDropDown(): void { this.isDropDownVisible = !this.isDropDownVisible; } public selectOption(option: ITDropDown): void { //your logic here } ParentComponent.html &lt;app-drop-down [dropDownData]="dropDownData"&gt; &lt;div drop-down-trigger&gt; &lt;img src="/assets/images/your-icon-name.svg" class="drop-down-component__trigger-inner" /&gt; &lt;/div&gt; &lt;/app-drop-down&gt; </code></pre> </div> <p>As you can see it is a really simple way to create a dynamic view of a drop-downs trigger that frees us from the need to use extra expressions and decorators.</p>