Hello there!

Need Help? We are right here!

miniOrange Email Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@miniorange.com

Authenticate Node.js with JWT
miniOrange provides a ready to use code in node.js for solution. Use the following node.js code with any SAML IDP or any other social or enterprise credential store using JWT.

Node.js Single Sign On with SAML IDP using JWT

Follow the Step-by-Step Guide given below to integrate your Node.js code with SAML IDP using JWT.

Step 1: Set up an Identity Source in miniOrange

Step 2: Configure miniOrange as relying party in your SAML IDP

Step 3: Creating an external app in miniOrange

Step 4: Fetching the Customer Key and Customer Token Key

Step 5: Adding the request page

var http = require('http');
var crypto = require('crypto');
var customer_id=<CUSTUMER_ID>;
var skey =<CUSTUMER_KEY>;
var app_secret=<APP_SECRET>;
var return_url = "http://localhost:<port-number-of-your-callback-file>;
function encode(text, skey) {
	var len = text.length;
	var padSize = 16 - (len % 16);
for (var i = 0; i < padSize; i++) { 
     text += String.fromCharCode(padSize);
var cipher = crypto.createCipheriv('aes-128-ecb', skey, '');
var encrypted = cipher.update(text, 'utf8', 'base64');
encrypted += cipher.final('base64');
return encrypted;
var timestamp=new Date().getTime();
var input_string =timestamp+":"+app_secret;
var cipher_text=encode(input_string, skey);
var redirect_url = "https://login.xecurify.in/moas/broker/login/jwt/"+customer_id+"/"+"?token="+encodeURIComponent(cipher_text)+"&returnUrl="+encodeURIComponent(return_url);
http.createServer(function (req, res) {
	res.writeHead(302, {'Location': redirect_url});

Step 6: Adding the response page

var http = require('http');
var url = require('url');
http.createServer(function (req, res) {
    var url_parts =url.parse(req.url,true);
	var arr = ((url_parts.path).toString()).split(".");
	var buf = Buffer.from(arr[1], 'base64');
	var user_attributes = JSON.parse(buf);
	if (typeof user_attributes['NameID']) {
	  var expiry = user_attributes['exp'];
	  res.writeHead(200, {'Content-Type': 'text/html'});
	  if(expiry>new Date().getTime() / 1000){
		var username =user_attributes['NameID'];
	  else {
		res.end("Response expired. Try login again.");

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com