Just want the code? Find this example on github What is DID.app Me and my cofounder have been building DID so that we can all stop using passwords. Most of us have too many passwords and we don't like using them is an Identity Provider, that authenticates users by verifying access to either an email address or securely stored private key. DID.app This allows your users to sign in with a single click. just Requirements This tutorial will require you to have Node.js and Express installed. Express install guide Node.js install guide New Express project Use the to start a new project. Express generator npx express-generator --view=pug myapp myapp npm install cd Install and from npm. openid-client cookie-session npm install --save openid-client cookie-session Add sessions to the application We will use so that we can keep a user signed in after we have authenticated them. cookie-session To use it, require the module and add to the apps middleware in . app.js cookieSession = ( ); { SESSION_SECRET } = process.env; app.use(cookieSession({ : , : SESSION_SECRET })); // other dependencies var require "cookie-session" // other middleware var name "myapp" secret It is best practise to keep your session secret out of your source code. Fetch OpenID Connect configuration Only routes for handing authentication will require the OpenID Configuration for DID.app. Create a routes file for sessions and configure the client library. routes/session.js express = ( ); router = express.Router(); { Issuer } = ( ); { CLIENT_ID, CLIENT_SECRET } = process.env; clientPromise = Issuer.discover( ).then( { .log( , issuer.issuer, issuer.metadata); issuer.Client({ : CLIENT_ID, : CLIENT_SECRET }); }); var require "express" var var require "openid-client" var var "https://did.app" ( ) function issuer console "Discovered issuer %s %O" return new client_id client_secret // ... The in are fetched from the environment, client_id client_secret we will generate them later. Create File for sign in routes Signing in, or up, using the OpenID connect flow requires two endpoints. One endpoint redirects the user to the OpenID provider (in this case DID.app) to authenticate themselves. A second callback endpoint is where the result of authenticating is handled. Add both of these into the session routes file. router.get( , { clientPromise.then( { authorizationUrl = client.authorizationUrl({ : , : }); res.redirect(authorizationUrl); }); }); router.get( , { clientPromise .then( { params = client.callbackParams(req); client.callback( , params); }) .then( { claims = tokenSet.claims(); .log(claims); req.session = { : claims.sub }; res.redirect( ); }); }); .exports = router; // ... "/authenticate" ( ) function req, res, next ( ) function client var scope "openid" redirect_uri "http://localhost:3000/session/callback" "/callback" ( ) function req, res, next ( ) function client var return "http://localhost:3000/session/callback" ( ) function tokenSet var console userId "/" module Add the session routes to the express app in . app.js sessionRouter = ( ); app.use( , indexRouter); app.use( , usersRouter); app.use( , sessionRouter); // other dependencies var require "./routes/session" // ... "/" "/users" // new routes "/session" Display authentication status Our users need a button that lets them sign in. To add one to the homepage the route handler checks if there is already a user session, if so we make this user id available to the view. Make these changes to . routes/index.js router.get( , { session = req.session || {}; res.render( , { : , : session.userId }); }); "/" ( ) function req, res, next var "index" title "Express" userId In the view we use the user id to show them some information about them, or if no user a sign in button this code to show a button Add this snippet into . views/index.pug userId span ID #{userId} a.button.action( = ) Sign if User else href '/session/authenticate' in Setup the App on DID You will need a DID account. to create one now. After signing up, you will be directed to set up your first app. Sign up Because we will run on localhost we need to use test app, select test mode. After setting the details for the app, copy the client id and secret for use in our application. Try it out Start Express, passing in the required configuration as environment variables. CLIENT_ID=test_abc \ CLIENT_SECRET=test_abcdef \ SESSION_SECRET=somesecret \ npm start Visit , you should see your new Express app with a shiny sign in button. localhost:3000 Any problems, see for the complete set of changes. this commit Have a question? If you have any further questions contact us at . team@did.app Previously published at https://dev.to/crowdhailer/express-js-integration-guide-for-passwordless-authentication-with-did-app-246p