page_type | languages | products | description | urlFragment | |||||
---|---|---|---|---|---|---|---|---|---|
sample |
|
|
Demonstrates how to use MSAL Node to sign-in users and acquire access tokens for a protected resource such as Microsoft Graph in an Electron desktop application using the OAuth 2.0 authorization code flow with PKCE. |
ms-identity-javascript-nodejs-desktop |
This sample demonstrates how to use MSAL Node to sign-in a user and acquire an access token for a protected resource such as Microsoft Graph in an Electron desktop application using the authorization code grant with PKCE flow.
This sample backs the following articles on Microsoft Docs:
- Quickstart: Acquire a token and call Microsoft Graph API from a desktop application
- Tutorial: Sign in users and call the Microsoft Graph API in an Electron desktop app
ℹ️ Looking for a TypeScript implementation? See: ElectronTestApp
ℹ️ Looking for an Electron with React implementation? See: ElectronSystemBrowserTestApp
⚠️ This sample does not implement persistent caching. See Caching with MSAL Node for more information.
This sample demonstrates the following MSAL Node concepts:
- Configuration
- Login and logout
- Acquiring an access token
- Calling a web API
File/folder | Description |
---|---|
AppCreationScripts/ |
Contains Powershell scripts for automating app registration. |
App/authProvider.js |
Main authentication logic resides here. |
App/main.js |
Application main process. |
App/graph.js |
Instantiates Graph SDK client. |
App/renderer.js |
Renderer processes and UI methods. |
App/constants.js |
Example user accounts in JSON . |
App/preload.js |
Give the Renderer process controlled access to some Node API. |
App/authConfig.js |
Configuration objects to be passed to MSAL instance. |
- Node.js must be installed to run this sample.
- Visual Studio Code is recommended for running and editing this sample.
- Navigate to the Microsoft Entra admin center and select the Microsoft Entra ID service.
- Select the App Registrations blade on the left, then select New registration.
- In the Name section, enter a meaningful application name that will be displayed to users of the app, for example
msal-node-desktop
. - In the Supported account types section, select Accounts in this organizational directory only.
- Select Register to create the application.
- In the Name section, enter a meaningful application name that will be displayed to users of the app, for example
- In the list of pages for the app, select Authentication.
- Select Add a platform, select Mobile and desktop applications
- In the Redirect URIs section enter the following redirect URI
http://localhost
- Select Configure.
- Still on the same app registration, select the Token configuration blade to the left.
- Select Add optional claim:
- Select optional claim type, then choose ID.
- Select the optional claim login_hint.
An opaque, reliable login hint claim. This claim is the best value to use for the login_hint OAuth parameter in all flows to get SSO. See $optional claims for more details.
- Select Add to save your changes.
Clone this repository git clone https://github.com/Azure-Samples/ms-identity-javascript-nodejs-desktop.git
- Open the .authConfig.js file and provide the required configuration values.
- Replace the string
Enter_the_Application_Id_Here
with your app/client ID on Microsoft Entra admin center. - Replace the string
Enter_the_Tenant_Info_Here
with your tenant ID on Microsoft Entra admin center. - Replace the string
Enter_the_Cloud_Instance_Id_Here
withhttps://login.microsoftonline.com/
(include the trailing slash). - Replace the string
Enter_the_Graph_Endpoint_Here
. withhttps://graph.microsoft.com/
(include the trailing slash).
- Replace the string
- You'll need to install the dependencies of this sample once:
cd ms-identity-javascript-nodejs-desktop
npm install
- Then, run the application via command prompt or console:
npm start
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.