> ## Documentation Index > Fetch the complete documentation index at: https://docs.ownid.com/llms.txt > Use this file to discover all available pages before exploring further. # Local Playground Guide > Set up a fully functional OwnID Boost environment on your local machine. This guide allows you to set up a fully functional OwnID Boost environment on your local machine. This setup includes a secure Node.js backend and a frontend that supports biometric registration and "Returning User" recognition. ## Prerequisites Ensure you have the following ready before starting: * **Node.js** installed on your machine * **OwnID Application** created via the OwnID Admin Console * ([Get Started](https://docs.ownid.com/building-blocks/get-started)) * **ngrok** installed ([Download here](https://ngrok.com/download)) *** Run these commands in your terminal to create the project structure: ```bash theme={null} mkdir ownid-demo cd ownid-demo npm init -y npm install express body-parser mkdir public ``` Create a file named `server.js` in your root folder. This contains the Handshake Endpoints and the Security Layer. **Important:** Replace `YOUR_SHARED_SECRET_HERE` with the secret from your OwnID Console. ```javascript server.js theme={null} const express = require('express'); const bodyParser = require('body-parser'); const path = require('path'); const crypto = require('crypto'); const app = express(); const port = 3001; // --- CONFIGURATION --- const OWNID_SHARED_SECRET = "YOUR_SHARED_SECRET_HERE"; // TUNNEL BYPASS: Ensures OwnID Cloud can reach your local server through ngrok/devtunnels app.use((req, res, next) => { res.setHeader('bypass-tunnel-reminder', 'true'); res.setHeader('X-Tunnel-Skip-Anti-Phishing-Page', 'true'); next(); }); app.use(bodyParser.json()); app.use(express.static(path.join(__dirname, 'public'))); function hashPassword(password) { return crypto.createHash('sha256').update(password || '').digest('hex'); } // Mock Database let users = [{ email: "test@example.com", passwordHash: hashPassword("password123"), firstName: "Test", lastName: "User", ownIdData: null }]; // SECURITY: HMAC Signature Verification function verifyOwnIDSignature(req, res, next) { if (OWNID_SHARED_SECRET === "YOUR_SHARED_SECRET_HERE") return next(); const signature = req.headers['ownid-signature']; const timestamp = req.headers['ownid-timestamp']; if (!signature || !timestamp) return res.status(401).send("Missing Headers"); const dataToSign = JSON.stringify(req.body) + "." + timestamp; const generated = crypto.createHmac('sha256', Buffer.from(OWNID_SHARED_SECRET, 'base64')) .update(dataToSign).digest('base64'); if (generated !== signature) return res.status(401).send("Invalid Signature"); next(); } // --- OWNID HANDSHAKE ENDPOINTS --- app.post('/getOwnIDDataByLoginId', verifyOwnIDSignature, (req, res) => { const loginId = req.body.loginId?.toLowerCase().trim(); const user = users.find(u => u.email === loginId); console.log(`🔍 Handshake Fetch: ${loginId} | Found: ${!!user?.ownIdData}`); res.json({ ownIdData: user ? user.ownIdData : null }); }); app.post('/setOwnIDDataByLoginId', verifyOwnIDSignature, (req, res) => { const loginId = req.body.loginId?.toLowerCase().trim(); const user = users.find(u => u.email === loginId); if (user) { user.ownIdData = req.body.data; console.log(`💾 Handshake Saved: ${loginId}`); return res.sendStatus(200); } res.status(404).send('Not Found'); }); app.post('/getSessionByLoginId', (req, res) => res.json({ token: "session-" + Date.now() })); // --- APP ROUTES --- app.post('/register', (req, res) => { const { email, password, firstName, lastName, ownIdData } = req.body; const lowerEmail = email.toLowerCase().trim(); users = users.filter(u => u.email !== lowerEmail); // Reset if exists users.push({ email: lowerEmail, passwordHash: hashPassword(password || "123"), firstName: firstName || '', lastName: lastName || '', ownIdData: ownIdData || null }); console.log(`👤 Registered: ${lowerEmail}`); res.status(200).json({ firstName: firstName || '', lastName: lastName || '' }); }); app.post('/login', (req, res) => { const { email, isOwnID, password } = req.body; const user = users.find(u => u.email === email?.toLowerCase().trim()); // Any password works for local testing if (user && (isOwnID || password)) { console.log(`✅ Login Success: ${email}`); return res.status(200).json({ firstName: user.firstName, lastName: user.lastName }); } res.status(401).send("Fail"); }); app.get('/', (req, res) => res.sendFile(path.join(__dirname, 'public', 'login.html'))); // Landing Page Dashboard app.get('/index.html', (req, res) => res.send(` Dashboard

✅ Login Successful

Welcome, !

Logout
`)); app.listen(port, '0.0.0.0', () => console.log(`🚀 Server running on http://localhost:${port}`)); ``` Create these two files inside the `public` folder. Replace `YOUR_APP_ID` with the App ID from your OwnID Console. ```html public/register.html theme={null}

Create Account

Go to Login

``` ```html public/login.html theme={null}

Login

Create account

``` Tunnel Diagram In the OwnID integration, the end-user accesses both OwnID and your local development server through their browser. To allow this communication, we need to: 1. Whitelist the local origin domain (e.g., `localhost`) 2. Allow the OwnID Server to reach your local development server. To achieve this, configure the following in your **OwnID Admin Console**. Navigate to the app's main page and add the local origin to the **Allowed Domains**. Allowed Domain In the app's **Integration / Backend** settings, set the base URL to target a public tunnel that leads to your development server. Base Url ### Creating a Local Tunnel Using ngrok Start your local server. It will run on port `3001`. ```bash theme={null} node server.js ``` Start ngrok, targeting your server's port: ```bash theme={null} ngrok http 3001 ``` 1. Open your generated ngrok URL in an Incognito/Private window. 2. Navigate to **Create account**, enter a new email, and complete the biometric enrollment. 3. You will be automatically redirected to the Login page. 4. Type the email you just registered and click outside of the input box. **The Success:** The widget will immediately switch to a Fingerprint icon. This indicates that your server successfully provided the biometric data via the Handshake.