Table of contents
- Register the application
- Build and run the sample
- Community Help and Support
- How to get a token
- How to refresh a token
- How to call a backend Web API
- How to sign a user out of your application
Register the application
Sign into the App Registration Portal using either your personal or work or school account.
Choose Add an app.
Enter a name for the app, and choose Create application.
The registration page displays, listing the properties of your app.
Copy the Application Id (also named ClientID) to the clipboard. This is the unique identifier for your app.
Under Platforms, choose Add Platform.
Make sure the Allow Implicit Flow check box is selected, and enter https://localhost:44302/ as the Redirect URI.
Build and run the sample
Download or clone the repository for this sample.
Using your favorite IDE, open app.js in App/scripts.
Replace the clientId GUID with the application ID of your registered Azure application that you pasted in the clipboard.
open Web.config in the root of the application.
Replace the value of the Ida::Audience application setting with the application ID of your registered Azure application (same GUID that you pasted to the clipboard). Note that Ida::Tenant is not currently set in the Web.config as all AAD V2 web APIs are currently multi-tenant.
Run the application in Visual Studio, for choose, from the toolback under the main menubar, which browser to use and use the Debug | Start without debugging command. The browser opens, navigating to
When the page gets displayed, click on the Login button.
When the popup window appears, sign-in with your personal or work or school account and grant the requested permissions.
Click on User to see information about the Signed-in user, and TodoList to edit the todo list (you can add, delete, edit new items)
The sample was tested with Chrome, Edge and Internet Explorer. For Internet explorer, be sure to read the msal.js FAQ Using msal.js with Internet Explorer
About the code.
The creation of the user agent application is done in app.js, configured by the clientID.
when the user presses the login button (sign-in happens, in app.js by a call to loginPopup().
when the user presses the logout button (sign-out happens, in app.js through a call to logout().
Community Help and Support
We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [msal.js].
If you find and bug or have a feature request, please raise the issue on GitHub Issues.
To provide a recommendation, visit our User Voice page.
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible.
If you find a security issue with our libraries or services please report it to email@example.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.
Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");