node-auth | 采用 nodejs 编写的权限管理系统，通过URL转发，反向代理实现。集成身份验证，用户管理等功能。 | Runtime Evironment library

After some more digging, I managed to figure it out. The issue is that the MONGO_INITDB_ROOT_USERNAME and MONGO_INITDB_ROOT_PASSWORD variables simply set the root user's credentials, and the MONGO_INITDB_DATABASE simply sets the initial database for scripts in /docker-entrypoint-initdb.d.

By default, the root user is added to the admin database, so by removing the /sandboxdb part of the connection string, I was able to have my node app authenticate against the admin DB as the root user.

While this doesn't quite accomplish what I wanted initially (to create a separate, non-root user for my database, and use that to authenticate), I think this puts me on the right path to using an init script to set up the user accounts I want to have.

Do you import express in your basic router ?
it should look like this :

I found this article: Adding extra npm modules to IBM Cloud Functions with Docker

Basically if I understand your question right, you need an additional package that is not included in the IBM Cloud Functions base image. The packages that are included by default are listed here. But auth0 is not part of the list.

So following the blog post, you can create a Dockerfile.

You have done it well.The issue is with getting google strategy.

Change this line

If you are using User Application then you need to check Authorization Code Grant to learn how DocuSign using this type of Grant to generate AccessToken and RefreshToken.

In User Application flow, AccessToken is provided for 8 hours and once AccessToken expires then your App needs to use Refresh Token to generate new set of Access and Refresh Token.

But if you are using System Integration then you need to check JSON Web Token Grant to learn how DocuSign provides AccessToken using JWT.

In System Integration flow, it is assumed that an API user in your App behind the scene will call DS API, and there is no DocuSign User interaction to login after certain interval to provide access to your App to generate Access token on behalf of the logged in user once Refresh token expires. System Integration Flow will get one time consent, Obtaining Consent explains how to get Consent. Once consent in provided to the Integrator Key then Integrator Key via your app can generate AccessToken any time, and this AccessToken will be valid for 3600 seconds, once it expires then you create new JWT and call DocuSign OAUTH API to generate new AccessToken for next 3600 seconds.

Node JS_03 is an example showing how User Application flow works.

Node JS_01, check for dsJwtAuth.js is an example showing how System Integration flow works using JWT.

I think your main issue is the authentication type you are using. You used the example showing Auth Code Grant, which does require users to log in. You could instead use JWT (JSON Web Token) which does not require that (only once, and that can be done by you). The code for making APIs and redirecting after signing ceremony etc. is the same. All you have to do is change the code that was used to obtain the access token (and also you need some configuration changes). You can find nodeJS example of JWT here - https://github.com/docusign/eg-01-node-jwt

If you want to read more about JWT - https://developers.docusign.com/esign-rest-api/guides/authentication/oauth2-jsonwebtoken

You cannot change add/edit/remove permissions for your Management API resource because as the dashboard message says: It is an Auth0 resource server with the identifier/audience as https://YOUR_DOMAIN.REGION.auth0.com/api/v2/. The scopes are managed by Auth0. You can however modify what scopes are granted to your Server-side Clients i.e Machine-to-Machine or Web Application client types, and limit what they can request when using Client Credentials grant to request an Access Token for an API.

In the same section under Management API resource settings, besides the "Permissions" tab, you can open "Machine to Machine Applications" tab, find your clientID and make sure it is authorized to request the scopes it requires for that API resource (eg. the read:roles scope). These are called Client Grants and you can manage them from Dashboard or Management API: https://auth0.com/docs/api/management/v2#!/Client_Grants/get_client_grants

Auth0 has a Client Credential Hook you can utilize for more specific logic in your flow, read more here: https://auth0.com/docs/api-auth/tutorials/client-credentials/customize-with-hooks

You forgot to import passport config file in your app.js.

import passport config after initializing passport.

## Setup Passport Login swithout deserializeUser ##

i think you have used some depreciated functions that tutorial was done 2016 , 2 years ago , loads of things can change within 2 years ,

let's redo this following the below steps , assuming that you already finished the part of installing node.js .

make folder for your app :

mkdir AuthApp cd AuthApp

create the node app : npm init

You’ll be prompted to provide some information for Node’s package.json. Just hit enter until the end to leave the default configuration.

Next, we’ll need an HTML file to send to the client. Create a file called auth.html in the root folder of your app, not going to use so much html as we are going to do it for testing :