Node.js / ExpressJS / PassportJS OAuth2 authentication strategy for connecting with


Passport strategy for authenticating with / using the OAuth 2.0 API.

This module lets you authenticate using in your Node.js applications. By plugging into Passport, authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Questions? Comments? Leave an issue or join the discussion on Google Groups

npm install passport-lds-connect --save
npm install lds-connect-proxy --save

See Passport LDS Connect Example

The ldsconnect authentication strategy authenticates users using an account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a app ID, app secret, and callback URL.

passport.use(new LdsConnectStrategy({
    // These are the working demo app id and app secret 
    clientID: '55c7-test-bd03',
    clientSecret: '6b2fc4f5-test-8126-64e0-b9aa0ce9a50d',
    // defaults to '/api/ldsorg/me', which is not as easy to use 
    profileUrl: '/api/ldsconnect/me',
    // points to and is an authorized domain for demo apps 
    callbackURL: ""
  function(accessTokenrefreshTokenprofiledone) {
    if (profile.guest) {
      // this is the built-in dummy user 'dumbledore', not an actual user 
      // be aware that anyone can log into with this test user. 
      // The intent is that they can experiment with your app if they don't yet 
      // have an account and see if it it's worth the hassle of 
      // finding their MRN to sign up 
    User.findOrCreate({ ldsOrgId: profile.currentUserId }, function (erruser) {
      return done(err, user);

If you're making any requests in the browser you'll also want to use lds-connect-proxy until supports CORS.

Use passport.authenticate(), specifying the 'ldsconnect' strategy, to authenticate requests.

For example, as route middleware in an Express application:

, passport.authenticate('ldsconnect')
// On success this falls through to the second route 
, passport.authenticate('ldsconnect', { failureRedirect: '/login' })
, function (reqres) {
    // Successful authentication, redirect home. 

The MIT License

Copyright (c) 2014 AJ ONeal <>