import { useAuth } from 'react-oidc-context'; import { useState } from 'react'; import { fetchProtected } from './api/client'; import './App.css'; function App() { const auth = useAuth(); const [apiData, setApiData] = useState(null); const [apiError, setApiError] = useState(null); const [loading, setLoading] = useState(false); if (auth.isLoading) { return
Loading session…
; } if (auth.error) { const hint = auth.error.message === 'Failed to fetch' ? 'The browser could not reach Authentik. Check that it is running, VITE_AUTHENTIK_URL is correct, and the discovery URL opens in a new tab.' : auth.error.message; return (

Auth error: {hint}

); } if (!auth.isAuthenticated || !auth.user) { return (

OIDC Auth Demo

Sign in with Authentik to continue.

); } const idClaims = auth.user.profile; const accessToken = auth.user.access_token; async function callApi() { if (!accessToken) { setApiError('No access token in session'); return; } setLoading(true); setApiError(null); try { const data = await fetchProtected('/api/me', accessToken); setApiData(data); } catch (err) { setApiData(null); setApiError(err instanceof Error ? err.message : 'API request failed'); } finally { setLoading(false); } } return (

OIDC Auth Demo

Login (ID Token)

User identity comes from the ID token claims below.

Subject
{idClaims.sub}
Email
{String(idClaims.email ?? '—')}
Name
{String(idClaims.name ?? idClaims.preferred_username ?? '—')}

API (Access Token)

Protected routes use the access token in the Authorization header.

{apiError &&

{apiError}

} {apiData != null && ( 
{JSON.stringify(apiData, null, 2)}
)}
); } export default App;