Microsoft Authentication Library Preview

Getting Started Docs Library Reference Support Samples

The MSAL library preview for JavaScript enables Single Page Applications to authenticate users with Microsoft Azure Active Directory (AAD) accounts, Microsoft accounts (MSA), accounts in social identity providers like Facebook, Google, LinkedIn etc. and get access to Microsoft Cloud services such as Microsoft Graph.

The identity management services that the library interacts with are Microsoft Azure Active Directory, Microsoft Azure AD B2C and Microsoft Accounts.

Build Statusnpm versionnpm version

Important Note about the MSAL Preview

This library is suitable for use in a production environment. We provide the same production level support for this library as we do our current production libraries. During the preview we may make changes to the API, internal cache format, and other mechanisms of this library, which you will be required to take along with bug fixes or feature improvements. This may impact your application. For instance, a change to the cache format may impact your users, such as requiring them to sign in again. An API change may require you to update your code. When we provide the General Availability release we will require you to update to the General Availability version within six months, as applications written using a preview version of library may no longer work.

Libraries

Microsoft Authentication Library provides 3 libraries as separate packages. You can read more details about them in the MSAL Wiki.

Community Help and Support

  • FAQs for access to our frequently asked questions

  • Stack Overflow using "msal" and "msal.js" tag. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.

  • GitHub Issues for reporting a bug or feature requests

  • User Voice page to provide recommendations and/or feedback

Contribute

We enthusiastically welcome contributions and feedback. Please read the contributing guide before you begin.

Security Library

This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.x) ensures you get the latest security and feature enhanements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

Security Reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.

License

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");

We Value and Adhere to the Microsoft Open Source Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.