First, I admit I’m a total newbie! I’ve been around the web for many many years, but never worked with authentication myself.
I’m creating a small personal blog using Jekyll and GitHub Pages. This needs to be limited to only a few people (family and friends). I came across a short tutorial (Add Authentication to Any Web Page in 10 Minutes | Okta Developer) that seemed promising. I tried it and it… is not working. I feel I’m missing something, but I don’t even know where to start looking.
If I create an index page “as is”, I get the login page when I load on localhost:4000. But I get an unexpected error trying to log in.
If I add the relevant lines of markup to my Jekyll templates, I do not even get the login form.
I guess I have a few questions:
Can I actually use okta for my purpose? How easy is it to actually make work? Is there clear and easy information somewhere that I haven’t found yet?
Any and all help would be greatly appreciated.
The challenge with any static site is that it’s static, so there isn’t any way to add login functionality to protect the content. That blog post you found (which is really old, sorry!) is only the first step, what it’s talking about is getting an access token to be able to make authenticated API requests to some service.
If you want to require login to view a static site, you need to do that at the web server layer that’s serving the static content. I’ve done this before by running nginx and configuring it to require login before it serves whatever content is behind it, whether that’s a static site or some other app. Here’s a blog post that explains that approach: Use nginx to Add Authentication to Any Application | Okta Developer
Thank you Aaron. So I already know that this won’t work in a GitHub Pages site as I have no access to changing the server that way. You just saved me hours and possibly days of banging my head against a brick wall! Much appreciated.