Passport strategy for authenticating with / using the OAuth 2/ OAuth 3 LDS I/O API.

This module lets you authenticate using in your Node.js applications. By plugging into Passport, authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Questions? Comments? Leave an issue or join the discussion on Google Groups


npm install passport-lds-io --save


See Passport LDS Connect Example

Configure Strategy

The authentication strategy authenticates users using an account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a app ID, app secret, and callback URL.

passport.use(new LdsConnectStrategy({
    // These are the working demo app id and app secret
    clientID: 'TEST_ID_56f6f3551bd4faa420a3dd6e',
    clientSecret: 'TEST_SK_jtgoHAMKdIgoWSYd8E1gBIrW',

    // points to and is an authorized domain for demo apps
    callbackURL: ""
  function(accessToken, refreshToken, profile, done) {
    if (profile.guest) {
      // this is the built-in dummy user 'dumbledore', not an actual user
      // be aware that anyone can log into with this test user.
      // The intent is that they can experiment with your app if they don't yet
      // have an account and see if it it's worth the hassle of
      // finding their MRN to sign up
    User.findOrCreate({ ldsOrgId: profile.currentUserId }, function (err, user) {
      return done(err, user);

Authenticate Requests

Use passport.authenticate(), specifying the '' strategy, to authenticate requests.

For example, as route middleware in an Express application:

, passport.authenticate('')

// On success this falls through to the second function
, passport.authenticate('', { failureRedirect: '/login' })
, function (req, res) {
    // Successful authentication, redirect home.



The MIT License

Copyright (c) 2014-2015 AJ ONeal <>