Getting started with user authentication on Azure
The Microsoft identity platform allows a JavaScript developer to authenticate and authorize user identity in your browser, server, or serverless application.
1. Create app registration
The Active directory app registration is required to provide authentication with Microsoft Identity.
The no-code authentication path, Easy Auth, means the hosting environment manages the authentication for your app.
- Create your hosting resource, such as an Azure web app or Azure function app.
- Enable Easy Auth by adding Authentication to your hosting resource. The process creates the app registration for you.
- If you only need to use authentication as a barrier to entry for your app, you are done. If your app needs to access other resources on behalf of the user or service, continue with MSAL integration.
2. Collect app registration information for MSAL integration
To integrate user authentication to access Azure resources on behalf of your users, you need app registration information.
Collect required information for the app registration from the Azure portal to configure the MSAL SDK :
- Application (client) ID
- Directory (tenant) ID
- Client secret
3. Find an MSAL sample for your scenario
The fastest way to get started with the MSAL SDK is to find your scenario, then locate your framework and sample associated with your scenario.
Top JS samples include:
- GitHub Tutorial: Deploy your React/API to Static web apps with MSAL integration
- GitHub Tutorial: Enable your Node.js web app to sign-in users and call APIs with the Microsoft identity platform
4.Integration with DefaultAzureCredential
Configure your runtime environment so your code can use the DefaultAzureCredential, on behalf of your users or system. This allows your same code to run in local, stage, and production environments, without managing credentials yourself.
Examples of DefaultAzureCredential:
Configure a managed identity for your hosting environment.
The value for the MSAL SDK's DefaultAzureCredential is controlled by the managed identity on the runtime environment.
Helpful tools
- JWT.ms to inspect your tokens
- Independent VS Code extension jwt-decoder
- Microsoft Graph REST API for @me
Samples
Next steps
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for