/ms-identity-node

Sample code to authenticate from within a Webapp backed by Node.js using MSAL Node

Primary LanguageJavaScriptMIT LicenseMIT

page_type languages products description urlFragment
sample
javascript
nodejs
msal-node
microsoft-entra-id
Add authentication to a Node.js web application with the Microsoft Authentication Library for Node.js (MSAL Node).
ms-identity-node

Express web application built with MSAL Node and Microsoft identity platform

This sample demonstrates how to use MSAL Node to login, logout and acquire an access token for a protected resource such as Microsoft Graph.

Features

This sample demonstrates the following MSAL Node concepts:

  • Configuration
  • Login
  • Logout
  • Acquiring an access token and calling Microsoft Graph

Contents

File/folder Description
App/ Application source code resides here.
AppCreationScripts/ Contains PowerShell scripts for automating app registration.
.gitignore Define what to ignore at commit time.
CHANGELOG.md List of changes to the sample.
CONTRIBUTING.md Guidelines for contributing to the sample.
README.md This README file.
LICENSE The license for the sample.

Note: This sample was bootstrapped using express-generator.

Getting Started

Prerequisites

Node.js must be installed to run this sample.

Setup

  1. Register a new application by following the steps shown here
  2. Clone this repository git clone https://github.com/Azure-Samples/ms-identity-node.git
  3. Open the /App/.env.dev file and provide the required configuration values
  4. On the command line, navigate to the App folder, and runnpm install to install the project dependencies via npm

Running the sample

  1. Configure authentication and authorization parameters:
    1. Open App/.env.dev
    2. Replace the string "Enter_the_Application_Id_Here" with your app/client ID on Microsoft Entra admin center.
    3. Replace the string "Enter_the_Cloud_Instance_Id_Here" with "https://login.microsoftonline.com/"
    4. Replace the string "Enter_the_Tenant_Info_Here" with your tenant ID on Microsoft Entra admin center.
    5. Replace the string "Enter_the_Client_Secret_Here" with your client secret on Microsoft Entra admin center.
  2. Configure the parameters for calling MS Graph API:
    1. Replace the string "Enter_the_Graph_Endpoint_Here" with "https://graph.microsoft.com/"
  3. Configure the Express session secret:
    1. Replace the string "Enter_the_Express_Session_Secret_Here" with a hard to guess value, such as your client secret.
  4. To start the sample application, run npm start.
  5. Finally, open a browser and navigate to http://localhost:3000.

ℹ️ To configure this app for tenants on Sovereign/National clouds, see: Use MSAL in a national cloud environment

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.