The Microsoft identity platform, along with Azure Active Directory (Azure AD) and Azure Azure Active Directory B2C (Azure AD B2C) are central to the Azure cloud ecosystem. This tutorial aims to take you through the fundamentals of modern authentication with Node.js, using the Microsoft Authentication Library for Node.js (MSAL Node).

This tutorial also features a simple wrapper around MSAL Node ConfidentialClientApplication class in order to automate routine authentication tasks such as login, logout, token acquisition etc., as well as utility methods to validate tokens and etc. You can find the wrapper under the msal-express-wrapper folder. Feel free to customize it according to your needs. Suggestions and contributions are welcome!

We recommend following the chapters in successive order. However, the code samples are self-contained, so feel free to pick samples by topics that you may need at the moment.

⚠️ This is a work in progress. Come back frequently to discover more samples.

• Node.js
• Visual Studio Code
• VS Code Azure Tools Extension
• A modern web browser

Please refer to each chapter's README for sample-specific prerequisites.

• jwt.ms for inspecting your tokens
• Fiddler for monitoring your network activity and troubleshooting
• Check the MSAL Node FAQ for your questions first
• Follow the Azure AD Blog to stay up-to-date with the latest developments

Please refer to each chapter's README for sample-specific recommendations.

• For Azure AD, start the tutorial from here
• For Azure AD B2C, start the tutorial from here

Alternatively, choose below the sample you want to review.

	Sign-in with Azure AD Sign-in your users with Azure AD and learn to work with ID Tokens.
	Sign-in with Azure AD B2C Sign-in your customers with Azure AD B2C. Learn to integrate with external social identity providers. Learn how to use user-flows and custom policies.

	Get an Access Token from Azure AD and call Microsoft Graph Authenticate your users and acquire an Access Token for Microsoft Graph and then call the Microsoft Graph API.

	Protect and call a web API on Azure AD Protect your web API with the Azure AD. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected web API.
	Protect and call a web API on Azure AD B2C Protect your web API with Azure AD B2C. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected web API.

	Deploy to Azure Storage and App Service Prepare your app for deployment to various Azure services. Learn how to package and upload files, configure authentication parameters and use Azure services for managing your operations.

Were we successful in addressing your learning objective? Consider taking a moment to share your experience with us.

Learn more about the Microsoft identity platform:

• Microsoft identity platform
• Azure Active Directory B2C
• Overview of Microsoft Authentication Library (MSAL)
• Application types for Microsoft identity platform
• Understanding Azure AD application consent experiences
• Understand user and admin consent
• Application and service principal objects in Azure Active Directory
• Microsoft identity platform best practices and recommendations

See more code samples:

• MSAL code samples
• MSAL B2C code samples

Use Stack Overflow to get support from the community. Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [ms-identity azure-ad azure-ad-b2c msal node].

If you find a bug in the sample, please raise the issue on GitHub Issues.

To provide a recommendation, visit the following User Voice page.

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.