Node.js Web API with Azure AD v2.0

Last updated: 4/8/2019
Edit on GitHub

This sample demonstrates how to protect a Node.js web API with Azure AD v2.0 using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, you will need to replace the client ID.

Steps to Run

  1. Clone the code.

    git clone

  2. Make sure you've installed Node.

  3. Install the node dependencies:

    npm install && npm update
  4. Run the Web API! By default it will run on http://localhost:5000

    node index.js

Next Steps

The /hello endpoint in this sample is protected so an authorized request to it requires an access token issued by Azure AD v2.0 in the header. You can register your app and make authorized requests to this web API.

Questions & Issues

Please file any questions or problems with the sample as a GitHub issue. You can also post on Stackoverflow with the tag azure-active-directory. For OAuth2.0 library issues, please see note below.


This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.