Skip to content

robbie-terazo/msal-node-client-credentials

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
config
config
 
 
data
data
 
 
test
test
 
 
.beachballrc
.beachballrc
 
 
.gitignore
.gitignore
 
 
.npmrc
.npmrc
 
 
README.md
README.md
 
 
index.js
index.js
 
 
jest.config.js
jest.config.js
 
 
package.json
package.json
 
 

Repository files navigation

MSAL Node Standalone Sample: Client Credentials Grant

This sample demonstrates how to implement an MSAL Node confidential client application to acquire an access token with application permissions using the OAuth 2.0 Client Credentials Grant

The Client Credentials flow is most commonly used for a daemon or a command-line app that calls web APIs and does not have any user interaction.

MSAL Node also supports specifying a regional authority for acquiring tokens when using the client credentials flow. For more information on this, please refer to: Regional Authorities

Setup

Locate the folder where package.json resides in your terminal. Then type:

    npm install

Register

  1. Navigate to the Azure portal and select the Azure AD service.
  2. Select the App Registrations blade on the left, then select New registration.
  3. In the Register an application page that appears, enter your application's registration information:
    • In the Name section, enter a meaningful application name that will be displayed to users of the app, for example msal-node-console.
    • Under Supported account types, select Accounts in this organizational directory only.
  4. Select Register to create the application.
  5. In the app's registration screen, find and note the Application (client) ID and Directory (Tenant) ID. You use these values in your app's configuration file(s) later.
  6. In the app's registration screen, select the Certificates & secrets blade in the left.
    • In the Client secrets section, select New client secret.
    • Type a key description (for instance app secret),
    • Select one of the available key durations (6 months, 12 months or Custom) as per your security posture.
    • The generated key value will be displayed when you select the Add button. Copy and save the generated value for use in later steps.
  7. In the app's registration screen, select the API permissions blade in the left to open the page where we add access to the APIs that your application needs.
    • Select the Add a permission button and then,
    • Ensure that the Microsoft APIs tab is selected.
    • In the Commonly used Microsoft APIs section, select Microsoft Graph
    • In the Application permissions section, select the User.Read.All in the list. Use the search box if necessary.
    • Select the Add permissions button at the bottom.
    • Finally, grant admin consent for this scope.

Before running the sample, you will need to replace the values in the configuration object:

const config = {
    auth: {
        clientId: "ENTER_CLIENT_ID",
        authority: "https://login.microsoftonline.com/ENTER_TENANT_INFO",
        clientSecret: "ENTER_CLIENT_SECRET",
    }
};

Run the app

In the same folder, type:

    npm start

After that, you should see the response from Azure AD in your terminal.

More information

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages