Skip to content

A chapterwise tutorial that will take you through the fundamentals of modern authentication with Microsoft identity platform in Vanilla JavaScript.

License

Notifications You must be signed in to change notification settings

Azure-Samples/ms-identity-javascript-tutorial

Repository files navigation

page_type languages products description urlFragment
sample
javascript
msal-js
ms-graph
azure-app-services
azure-storage
azure-key-vault
azure-functions
microsoft-entra-id
azure-active-directory-b2c
microsoft-identity-platform
Tutorial: Enable your JavaScript single-page application (SPA) to sign-in users and call APIs with the Microsoft identity platform
ms-identity-javascript-tutorial

Tutorial: Enable your JavaScript single-page application (SPA) to sign-in users and call APIs with the Microsoft identity platform

Build Code Scan GitHub issues npm GitHub

The Microsoft identity platform, along with Microsoft Entra ID (Microsoft Entra ID) and Azure Azure Active Directory B2C (Azure Active Directory B2C) are central to the Azure cloud ecosystem. This tutorial aims to take you through the fundamentals of modern authentication with JavaScript, using the Microsoft Authentication Library for JavaScript (MSAL.js).

We recommend following the chapters in successive order. However, the code samples are self-contained, so feel free to pick samples by topics that you may need at the moment.

⚠️ This is a work in progress. Come back frequently to discover more samples.

Prerequisites

Please refer to each sample's README for sample-specific prerequisites.

Recommendations

  • jwt.ms for inspecting your tokens
  • Fiddler for monitoring your network activity and troubleshooting
  • Follow the Microsoft Entra ID Blog to stay up-to-date with the latest developments

Please refer to each sample's README for sample-specific recommendations.

Contents

Chapter 1: Sign-in a user to your application

Sign-in with Microsoft Entra ID
Sign-in your users with the Microsoft Entra ID and learn to work with ID Tokens. Learn how single sign-on (SSO) works. Learn to secure your apps to operate in national clouds.
Sign-in with Azure Active Directory B2C
Sign-in your customers with Azure Active Directory B2C. Learn to integrate with external social identity providers. Learn how to use user-flows and custom policies.

Chapter 2: Sign-in a user and get an Access Token for Microsoft Graph

Get an Access Token from Microsoft Entra ID and call Microsoft Graph
Authenticate your users and acquire an Access Token for Microsoft Graph and then call the Microsoft Graph API.

Chapter 3: Protect an API and call the API from your client app

Protect and call a web API on Microsoft Entra ID
Protect your web API with the Microsoft Entra ID. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected Web API.
Protect and call a web API on Azure Active Directory B2C
Protect your web API with Azure Active Directory B2C. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected web API.

Chapter 4: Deploy your applications to Azure

Deploy to Azure Storage and App Service
Prepare your app for deployment to various Azure services. Learn how to package and upload files, configure authentication parameters and use Azure services for managing your operations.

We'd love your feedback!

Were we successful in addressing your learning objective? Consider taking a moment to share your experience with us.

More information

Learn more about the Microsoft identity platform:

See more code samples:

Community Help and Support

Use Stack Overflow to get support from the community. Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [ms-identity azure-ad azure-ad-b2c msal javascript].

If you find a bug in the sample, please raise the issue on GitHub Issues.

To provide a recommendation, visit the following User Voice page.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.