Integrate a Backend

Protect Node.js routes or prepare service-to-service access against an existing AuthOS instance.

Updated Jul 15, 2026 Edit this page

This guide connects server-side application code to AuthOS. It assumes an operator has already installed and configured the platform.

Prerequisites

  • A reachable AuthOS base URL stored as server-side configuration
  • Node.js 18 or newer and npm for the Node.js path
  • A registered organization and service
  • A clear choice between verifying interactive-user access tokens and acting as a non-interactive service

Choose the backend boundary

Use @drmhse/authos-node when a Node.js server needs token verification or Express middleware. Use the Service API SDK module and Service API HTTP reference for workloads that act without an interactive browser session.

Connect the backend

  1. Store the AuthOS base URL in server-side configuration such as AUTHOS_BASE_URL.
  2. Follow the selected package or service reference to install and initialize the client. Keep API keys and client secrets out of browser bundles and version control.
  3. For user-facing APIs, protect one test route and require a valid AuthOS access token.
  4. For service-to-service access, request only the scopes the workload needs and call one permitted endpoint.
  5. Exercise a denied request as well as a successful request so the boundary is proven rather than merely configured.

Completion check

  • A valid token or service credential can call the intended test endpoint.
  • A missing, invalid, or insufficiently scoped credential is rejected.
  • Verified claims or service scopes are available to authorization code.
  • Secrets exist only in an approved server-side store.

Next steps