An example application of integrating Cerbos with an Express server using WorkOS for authentication.
- Node.js
- An WorkOS account
- Install node dependencies
npm install- Set Config
Create a .env file with the following values:
PORT=8000
WORKOS_API_KEY=
WORKOS_CLIENT_ID=
WORKOS_CONNECTION_ID=
CERBOS_HOSTNAME=https://demo-pdp.cerbos.cloud
CERBOS_PLAYGROUND=fm7Rj561f9458cJFkUe2FFZCXYrUUVc6
You can find the WorkOS values in your dashboard.
This example is using the hosted Demo PDP of Cerbos and an example Playground instance. If you are running your own Cerbos PDP then update the
CERBOS_HOSTNAMEfield to your own instance and remove theCERBOS_PLAYGROUNDfield.
- Start the express server
node index.js- Test the App
Now that everything is wired up you should be able to goto http://localhost:8000 and press the login link to authenticate with your WorkOS account.
This example has a simple CRUD policy in place for a resource kind of contact - like a CRM system would have. Should you wish to experiment with this policy, you can try it in the Cerbos Playground.
The policy expects one of two roles to be set on the principal - admin and user. These roles are authorized as follows:
| Action | User | Admin |
|---|---|---|
| list | Y | Y |
| read | Y | Y |
| create | Y | Y |
| update | If owner | Y |
| delete | If owner | Y |