# Client Server

Although not necessary, authentication and authorization are typically done between client and server. Here we look at ways clients can use Unfurl in this way.  

### Node.js

#### [express-openid-connect.js](https://github.com/auth0/express-openid-connect)

```javascript
const { auth } = require('express-openid-connect');
app.use(
  auth({
    issuerBaseURL: 'https://auth.unfurl-connect.com',
    baseURL: 'https://YOUR_APPLICATION_ROOT_URL',
    clientID: 'YOUR_CLIENT_ID',
    secret: '***********************',
    response_type: 'code',
    response_mode: 'form_post',
    scope: 'openid offline_access roles',
    claims: {
      id_token: {"roles": { "essential" : true } }
    }
  })
);
```

There is no client code. Logging in is done by navigating the user to `/login`.

A full example can be found [here](https://github.com/Unfurl-Connect/example-clients/tree/main/express-openid-connect).