active-directory-b2c-custom-policy-starterpack
microsoft-authentication-library-for-js
Our great sponsors
active-directory-b2c-custom-policy-starterpack | microsoft-authentication-library-for-js | |
---|---|---|
2 | 27 | |
318 | 3,450 | |
0.9% | 2.4% | |
0.0 | 9.6 | |
about 2 months ago | 6 days ago | |
TypeScript | ||
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
active-directory-b2c-custom-policy-starterpack
-
How to enrich a JWT issued by Active Directory B2C with custom policies.
NOTE Every time that we have the necessity to use IEF, it is advisable to start from one of the templates that Microsoft puts to disposition in the starter pack, in this example LocalAccounts has been used.
-
Azure B2C, OAuth2 and a Github App
Firstly you will want to download the TrustFrameworkBase.
microsoft-authentication-library-for-js
-
Sveltekit Microsoft authentication
You can use the sample provided at https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples and integrate it in hooks.server.ts.
-
Token request cannot be made without authorization code or refresh token when I add "teamsAppInstallation.ReadWriteSelfForChat.All" scope
I'm utilizing the Authorization Code sample provided in the MSAL Node.js library (https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/auth-code), with the only modification being the addition of the aforementioned scope to my configuration. Below, I've shared the relevant segment of my customConfig.json and the primary code snippet where the error surfaces.
- Does Azure AD B2C only employ OAuth2 / OIDC? Does it support any other mechanisms?
-
No Token in the Browser Pattern using Azure API Management
As the backend handles the token acquisition, no other code or library, such as MSAL.js, is required in the single-page application itself. This also means that no tokens are required to be stored in the browser session or local storage. By encrypting and storing the access token in an HttpOnly cookie protects it from XSS attacks, and scoping it to the API domain and setting SameSite=strict ensures that the cookie is automatically sent with all proxied API first-party requests. More on SameSite cookies can be read here.
- Web app with SSO and MS Graph access?
-
Redirect to a custom login page when securing your Angular app with MSAL
The easiest way to secure Angular apps with the Microsoft Identity Platform is by using the MSAL (Microsoft Authentication Library) Angular package. This package contains Angular-specific building blocks for implementing MSAL in your app.
-
New to Azure, can Azure logic apps help me keep an API access token fresh throughout the day? The API access token only lasts for one hour before it has to be refreshed via a refresh token.
For example: https://github.com/AzureAD/microsoft-authentication-library-for-js
-
A noob question on security/authentication (Azure AD related)
I was imagining something like this, and since you’ve got it on the frontend already just throwing the token to the backend and letting it validate the token https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/node-token-validation-samples/basic-sample
- [AskJS] Question about caching JWT in SPA
-
Laravel Azure Authentication with SPA
I did an azure ad implementation recently(laravel / SPA). I used the offical msal.js library (https://github.com/AzureAD/microsoft-authentication-library-for-js) to present the azure ad login screen. After successful login, I take the received azure ad access token and send it to my laravel based api. there, I verify the token and if valid and the user exists in the app, I create an access token for my apis and return it to the spa. The spa then uses this token for further requests, until the lifetime of the token expires. Hope that helps a bit, feel free to ask for details :)
What are some alternatives?
active-directory-b2c-ios-swift-native-msal - An iOS sample in Swift that authenticates Azure AD B2C users and calls an API using OAuth 2.0
Cypress - Fast, easy and reliable testing for anything that runs in a browser.
cli-microsoft365 - Manage Microsoft 365 and SharePoint Framework projects on any platform
laravel-azure-ad-oauth - Drop-in socialiate plugin for Laravel applications for Microsoft Azure SSO.
active-directory-b2c-javascript-msal-singlepageapp - A single page application (SPA) calling a Web API. Authentication is done with Azure AD B2C by leveraging MSAL.js
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
GSuite-as-identity-Provider-IdP-for-Office-365-or-Azure-Active-Directory - Finally manage to sync GSuite account with azure active directory!!!
amplify-js - A declarative JavaScript library for application development using cloud services.
azureadb2ccommunity.io - Azure AD B2C Community Website
IdentityServer - The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
samples - Azure AD B2C custom policy solutions and samples.
openiddict-core - Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET