Skip to content
/ msal-node-certs Public

Express web app secured with msal node using certs, key vault and managed id

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Shama-K/msal-node-certs

BranchesTags

Repository files navigation

MSAL Node Web App using certificates, Azure Key Vault and Azure Managed Identity

This sample demonstrates an MSAL Node confidential client (web) application that lets users authenticate against Azure AD.

This sample requires a certificate. Certificates and related topics are discussed in Documentation: Using Certificates with MSAL Node.

Setup

Locate the folder where package.json resides in your terminal. Then type:

    npm install

Register

  1. Navigate to the Azure portal and select the Azure AD service.
  2. Select the App Registrations blade on the left, then select New registration.
  3. In the Register an application page that appears, enter your application's registration information:
    • In the Name section, enter a meaningful application name that will be displayed to users of the app, for example ms-identity-nodejs-webapp.
    • Under Supported account types, select Accounts in this organizational directory only.
    • In the Redirect URI (optional) section, select Web in the combo-box and enter the following redirect URI: http://localhost:3000/redirect.
  4. Select Register to create the application.
  5. In the app's registration screen, find and note the Application (client) ID and Directory (Tenant) ID. You use these values in your app's configuration file(s) later.
  6. Select Save to save your changes.
  7. In the app's registration screen, select the Certificates & secrets blade in the left.
    • Click on Upload certificate and select the certificate file to upload.
    • Click Add. Once the certificate is uploaded, the thumbprint, start date, and expiration values are displayed.

Before running the sample, you will need to replace the values in the config

const config = {
    auth: {
        clientId: "YOUR_CLIENT_ID",
        authority: "https://login.microsoftonline.com/YOUR_TENANT_ID",
        clientCertificate: {
            thumbprint: "CERT_THUMBPRINT",
            privateKey: "CERT_PRIVATE_KEY",
        }
    },
    system: {
        loggerOptions: {
            loggerCallback(loglevel, message, containsPii) {
                console.log(message);
            },
            piiLoggingEnabled: false,
            logLevel: msal.LogLevel.Verbose,
        }
    }
};

Run the app

In the same folder, type:

    npm start

The server should start at port 3000.

More information

About

Express web app secured with msal node using certs, key vault and managed id

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages