Authlete 3.0 Quick Start Guide

This guide will help you set up and run your authorization server (AS) using Authlete 3.0. Follow these steps to create and configure your service, set up a demo authorization server, and test it.

Step 1: Create an Organization

  1. Log in to the Authlete Console.
  2. Create a new organization named acme.

Step 2: Create a Service

  1. Switch to your newly created acme organization.
  2. Create a new service under this organization.
  3. Keep all settings as default for now.

Step 3: Generate a Service Access Token

  1. Navigate to Service Settings.
  2. Create a new Service Access Token named Demo AS.

Step 4: Set Up Demo AS

  1. Clone the Java OAuth Server repository:

    git clone https://github.com/authlete/java-oauth-server.git
    cd java-oauth-server
    
  2. Configure the authlete.properties file with the following settings:

    api_version = V3
    base_url = https://us.authlete.com
    service.api_key = <<API_KEY>>
    service.access_token = <<SERVICE_ACCESS_TOKEN>>
    
  3. Run the server using Docker (preferred) or Java:

    • Docker Setup:
    docker-compose up
    
    • Java Setup:
    mvn jetty:run
    

Step 5: Verify the Setup

  1. Open your browser and navigate to http://localhost:8080.
  2. You should see the home page of the Demo authorization server.

Step 6: Create a Client

  1. To test the authorization server, you’ll need to create a client.
  2. In the Authlete Console, navigate to the Demo Service.
  3. Click Create Client, give it a descriptive name, and click Create.
  4. Go to Basic Settings -> General and change Client Type to CONFIDENTIAL and click Save Changes.
  5. Note down the Client ID for later use.
  6. Go to Endpoints -> Global Settings and add the following Redirect URI:

    • https://oidcdebugger.com/debug
  7. Leave all other settings as default and click Save Changes.

Step 7: Testing Your AS

OAuth2 Authorization Code Flow

  1. Visit OpenID Connect Debugger and enter the following required values:

    • Authorize URI: http://localhost:8080/api/authorization
    • Client ID: <<Enter the Client ID copied from the Authlete Console.>>
  2. Ensure the Response type is set to code.

  3. Optional: Test PKCE by selecting the Use PKCE checkbox. PKCE is enabled by default on your Authlete Service.

  4. Scroll down and click the Send Request button to start the authorization process.


This will redirect you to the login page of the Demo AS. Enter the following credentials and click Authorize:

  • Login ID: max
  • Password: max

You will be redirected back to the OIDC Debugger with an Authorization Code issued by Authlete.

OIDC ID Token Flow

  1. Click Start over to return to the home page.
  2. Change the Response type to id_token.
  3. Click SEND REQUEST to start a new authorization process.
  4. You will be redirected to the debugger with a JWT ID Token issued by Authlete.

And that’s it! 🎉 You’ve successfully set up and tested your authorization server with Authlete 3.0.