@trimble-oss/trimble-id-react
Advanced tools
Trimble Identity SDK for React app.
🚀 Getting Started - 📚 Usage Reference - 💬 Support
Using npm in your project directory run the following command:
npm install @trimble-oss/trimble-id-react
Create a new application in the Trimble Developer Console portal and configure the following settings:
To register your application in Trimble Developer Console:
On the left pane select "Applications".
On the Applications home page, in the top right corner select + NEW APPLICATION. The Create Application page displays.
Select Continue to enter the applications details.
| Field | Description |
|---|---|
| Name | Name of your application |
| Display Name | Provide a display name of the application. |
| Description | Provide a description for the application. |
Configure OAuth application grant types as Authorization Code Grant and Use Refresh tokens in order to use this SDK.
Configure the desired callback URL and logout URL for your application. These URLs are used by the SDK to redirect the user after authentication.
Select "Create Application" to save changes.
Take note of the Client ID and URLs under the "Basic Information" section. You'll need these values to configure the SDK.
Scopes
Trimble Identity uses scopes to determine the aud claim in the returned access token. Scope is mandatory for the application to work. You can use the scope as the application name registered in the Trimble Developer Console. For example, if you have registered an application with the name "test", then it must be registered in the format {some_uuid}-"test". For eg., 12345678-1234-1234-1234-123456789012-test.
For more information, see Authentication documentation.
SDK provides a React component TID Provider that will handle the
process related to the authentication for you. Configure the SDK by wrapping your application in TIDProvider:
<TIDProvider tidClient={new TIDClient(config)} onRedirectCallback={handleRedirect}>
<Component/>
</TIDProvider>
Here TIDProvider can take two parameters :
After wrapping your app with the TIDProvider, you have to configure the TID credentials registered in TrimbleCloud console. There are two ways of doing this:
1. Using the TIDClient
<TIDProvider tidClient={new TIDClient({
config: {
configurationEndpoint: "<OAUTH_WELL_KNOWN_URL>",
clientId: "CLIENT_ID",
redirectUrl: "http://localhost:3000/callback",
logoutRedirectUrl: "http://localhost:3000/logout-callback",
scopes: ['test']
}
})} onRedirectCallback={handleRedirect}>
<Component/>
</TIDProvider>
NOTE: Tokens are stored in the browser's memory, as it is considered the most secure option.
2. You can send the properties directly
<TIDProvider
configurationEndpoint={"<OAUTH_WELL_KNOWN_URL>"}
clientId={"CLIENT_ID"}
redirectUrl={"http://localhost:3000/callback"}
logoutRedirectUrl={"http://localhost:3000/logout-callback"}
scopes={['test']}
onRedirectCallback={handleRedirect}>
<Component/>
</TIDProvider>
Below are the parameters of TIDClient.
NOTE:
As of version 1.0.0, PersistentOptions have been removed. By default, the SDK now supports in-memory token storage. Using localStorage and sessionStorage for storing sensitive information poses several security risks, including vulnerability to XSS attacks, lack of secure attributes and session hijacking.
When you upgrade to version 1.x, storage options will no longer be available, resulting in a breaking change. For those using an older version of the SDK (i.e., <1.x), it is highly recommended to use the default in-memory storage to avoid any security issues.
Use the useAuth hook in your components to access authentication state (isLoading, isAuthenticated, user, error) and authentication methods (loginWithRedirect and logout):
Redirect the user to TID using the browser
const {loginWithRedirect}= useAuth()
await loginWithRedirect()
const {logout}= useAuth()
await logout()
True if the user is authenticated.
const {isAuthenticated}= useAuth()
This property will indicate the developer that the TID Provider is still loading information from the cache By default, this state will be true, this will allow the developers to handle async functionality Note: This property will only be true the first time that the app executes.
const {isLoading}= useAuth()
Gets the access token from cache. SDK handles token refresh when token expires.
const {getAccessTokenSilently}= useAuth()
var access_token = await getAccessTokenSilently()
Gets the token details from cache.
const {getTokens}= useAuth()
var tokenResponse : TokenResponse = await getTokens()
Information of the user in session
const {user}= useAuth()
var name = user?.name
Property that let the developer know if an error happen during the authentication
const {error}= useAuth()
var error = error.message
It renders a component if the user is authenticated, otherwise redirects the user to the login page. It can be used to protect private components. If the user is not authenticated, they will be redirected to the login page.
<AuthenticationGuard renderComponent={<MyPrivateComponent/>}/>
NOTE: Refer samples for better understanding.
See here for Sample Code for reference.
See here for releases
To provide feedback or report a bug, please raise an issue on our issue tracker.
Send email to cloudplatform_support@trimble.com
FAQs
Trimble Identity SDK for React app.
The npm package @trimble-oss/trimble-id-react receives a total of 16 weekly downloads. As such, @trimble-oss/trimble-id-react popularity was classified as not popular.
We found that @trimble-oss/trimble-id-react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Research
A malicious npm campaign is targeting Ethereum developers by impersonating Hardhat plugins and the Nomic Foundation, stealing sensitive data like private keys.