Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

@browserstack/msal-node

AzureAD31MIT2.1.0TypeScript support: included

Microsoft Authentication Library for Node

js, ts, node, AAD, msal, oauth

readme

Microsoft Authentication Library for Node (msal-node)

npm version npm version codecov

Getting Started AAD Docs Library Reference
  1. About
  2. FAQ
  3. Changelog
  4. Prerequisites
  5. Installation
  6. Node Version Support
  7. Usage
  8. Samples
  9. Build Library
  10. Security Reporting
  11. License
  12. Code of Conduct

About

MSAL Node enables applications to authenticate users using Azure AD work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through Azure AD B2C service. It also enables your app to get tokens to access Microsoft Cloud services such as Microsoft Graph.

NOTE: This is a patched version of MSAL Node package to support node v20 and above

OAuth2.0 grant types supported:

The current version supports the following ways of acquiring tokens:

Public Client:

Confidential Client:

More details on different grant types supported by Microsoft authentication libraries in general can be found here.

Scenarios supported:

The scenarios supported with this library are:

  • Desktop app that calls web APIs
  • Web app that calls web APIs
  • Web APIs that call web APIs
  • Daemon apps

More details on scenarios and the authentication flows that map to each of them can be found here.

FAQ

See here.

Prerequisites

Before using @azure/msal-node you will need to register your app in the azure portal:

Installation

Via NPM:

npm install @azure/msal-node

Node Version Support

MSAL Node will follow the Long Term Support (LTS) schedule of the Node.js project. Our support plan is as follows.

Any major MSAL Node release:

  • Will support stable (even-numbered) Maintenance LTS, Active LTS, and Current versions of Node
  • Will drop support for any previously supported Node versions that have reached end of life
  • Will not support prerelease/preview/pending versions until they are stable
MSAL Node version MSAL support status Supported Node versions
2.x.x Active development 18, 20
1.x.x In maintenance 10, 12, 14, 16, 18

Note: There have been no functional changes in the MSAL Node v2 release.

Usage

MSAL basics

Samples

There are multiple samples included in the repository that use MSAL Node to acquire tokens. These samples are currently used for manual testing, and are not meant to be a reference of best practices, therefore use judgement and do not blindly copy this code to any production applications.

AAD samples:

  • auth-code: Express app using OAuth2.0 authorization code flow.
  • auth-code-pkce: Express app using OAuth2.0 authorization code flow with PKCE.
  • device-code: Command line app using OAuth 2.0 device code flow.
  • refresh-token: Command line app using OAuth 2.0 refresh flow.
  • silent-flow: Express app using OAuth2.0 authorization code flow to acquire a token and store in the token cache, and silent flow to use tokens in the token cache.
  • client-credentials: Daemon app using OAuth 2.0 client credential grant to acquire a token.
  • on-behalf-of: Web application using OAuth 2.0 auth code flow to acquire a token for a web API. The web API validates the token, and calls Microsoft Graph on behalf of the user who authenticated in the web application.
  • username-password: Web application using OAuth 2.0 resource owner password credentials (ROPC) flow to acquire a token for a web API.
  • ElectronTestApp: Electron desktop application using OAuth 2.0 auth code with PKCE flow to acquire a token for a web API such as Microsoft Graph.
  • Hybrid Spa Sample: Sample demonstrating how to use enableSpaAuthorizationCode to perform SSO for applications that leverage server-side and client-side authentication using MSAL Browser and MSAL Node.

B2C samples:

Others:

Build and Test

// Install dependencies from root of repo
npm install

// Change to the msal-node package directory
cd lib/msal-node

// To run build for common package & node package
npm run build:all

// To run build only for node package
npm run build

// To run tests
npm run test

Local Development

Below is a list of commands you will probably find useful:

npm run build:modules:watch

Runs the project in development/watch mode. Your project will be rebuilt upon changes. TSDX has a special logger for you convenience. Error messages are pretty printed and formatted for compatibility VS Code's Problems tab. The library will be rebuilt if you make edits.

npm run build

Bundles the package to the dist folder. The package is optimized and bundled with Rollup into multiple formats (CommonJS, UMD, and ES Module).

npm run build:all

Builds both msal-common and msal-node

npm run lint

Runs eslint with Prettier

npm test, npm run test:coverage, npm run test:watch

Runs the test watcher (Jest) in an interactive mode. By default, runs tests related to files changed since the last commit. Generate code coverage by adding the flag --coverage. No additional setup needed. Jest can collect code coverage information from entire projects, including untested files.

Security Reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.

License

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License.

We Value and Adhere to the Microsoft Open Source Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

msal-node

changelog

Change Log - @azure/msal-node

This log was last generated on Tue, 05 Sep 2023 22:13:47 GMT and should not be manually modified.

2.1.0

Tue, 05 Sep 2023 22:13:47 GMT

Minor changes

Patches

Changes

2.0.2

Fri, 18 Aug 2023 18:40:02 GMT

Patches

2.0.1

Fri, 11 Aug 2023 19:00:44 GMT

Patches

2.0.0

Mon, 07 Aug 2023 18:15:15 GMT

Major changes

Minor changes

Patches

1.17.2

Mon, 01 May 2023 20:47:44 GMT

Patches

  • Bump @azure/msal-common to v13.0.0

1.17.0

Mon, 03 Apr 2023 21:29:31 GMT

Minor changes

Patches

1.16.0

Tue, 07 Mar 2023 16:48:52 GMT

Minor changes

Patches

1.15.0

Mon, 06 Feb 2023 18:51:50 GMT

Minor changes

Patches

  • tokenQueryParameters are now sent to the /token endpoint for all Confidential Client flows #5573 (rginsburg@microsoft.com)

1.14.6

Mon, 09 Jan 2023 22:44:58 GMT

Patches

1.14.5

Wed, 07 Dec 2022 16:53:07 GMT

Patches

  • Serialize/deserialize access token userAssertionHash property to fix cache persistence issue in OBO flow #5398 (v-derisen@microsoft.com)
  • Bump @azure/msal-common to v9.0.1

1.14.4

Mon, 21 Nov 2022 19:14:45 GMT

Patches

1.14.3

Mon, 07 Nov 2022 22:46:55 GMT

Patches

  • Bump @azure/msal-common to v8.0.0

1.14.2

Mon, 10 Oct 2022 22:27:03 GMT

Patches

  • Bump @azure/msal-common to v7.6.0

1.14.1

Mon, 03 Oct 2022 22:12:27 GMT

Patches

  • sanitize client credentials request against oidc scopes #4999 (v-derisen@microsoft.com)
  • This PR modifies HttpClient to return apprpropriate underlying error that is handled upstream. #5175 (bmahal@microsoft.com)
  • Bump @azure/msal-common to v7.5.0

1.14.0

Mon, 12 Sep 2022 18:19:32 GMT

Minor changes

1.13.0

Fri, 02 Sep 2022 18:06:53 GMT

Minor changes

1.12.1

Mon, 01 Aug 2022 22:22:36 GMT

Patches

  • Bump @azure/msal-common to v7.3.0

1.12.0

Mon, 18 Jul 2022 23:26:21 GMT

Minor changes

1.11.0

Tue, 05 Jul 2022 22:37:04 GMT

Minor changes

1.10.0

Mon, 13 Jun 2022 22:28:09 GMT

Minor changes

  • Fix ClientAssertion configuration typing between common and node #4846 (hemoral@microsoft.com)
  • Bump @azure/msal-common to v7.0.0

Patches

1.9.1

Mon, 06 Jun 2022 22:13:00 GMT

Patches

  • Use native http modules instead of axios for regular and proxied network requests #4744 (rginsburg@microsoft.com)
  • Updated the regex and added a test for detecting public cert for SNI #4790 (email not defined)
  • export AuthorizationCodePayload type from msal-common #4803 (git@hens.by)
  • Bump @azure/msal-common to v6.4.0

1.9.0

Mon, 02 May 2022 22:23:33 GMT

Minor changes

1.8.0

Mon, 04 Apr 2022 21:12:42 GMT

Minor changes

Patches

1.7.0

Mon, 07 Mar 2022 23:28:43 GMT

Minor changes

Patches

1.6.0

Tue, 08 Feb 2022 00:41:06 GMT

Minor changes

1.5.0

Tue, 04 Jan 2022 00:20:29 GMT

Minor changes

  • Bump @azure/msal-common to v6.0.0

1.4.0

Tue, 07 Dec 2021 00:17:01 GMT

Minor changes

1.3.3

Mon, 01 Nov 2021 23:53:22 GMT

Patches

  • Bump @azure/msal-common to v5.1.0

1.3.2

Mon, 04 Oct 2021 23:12:35 GMT

Patches

1.3.1

Tue, 07 Sep 2021 23:22:24 GMT

Patches

1.3.0

Thu, 22 Jul 2021 22:50:22 GMT

Minor changes

1.2.0

Mon, 28 Jun 2021 23:39:48 GMT

Minor changes

Patches

1.1.0

Wed, 12 May 2021 18:35:03 GMT

Minor changes

1.0.3

Thu, 22 Apr 2021 23:26:08 GMT

Patches

1.0.2

Wed, 14 Apr 2021 18:39:53 GMT

Patches

1.0.0

Thu, 18 Feb 2021 00:34:32 GMT

Patches

Changes

1.0.0-beta.6

Tue, 09 Feb 2021 01:48:22 GMT

Changes

1.0.0-beta.5

Tue, 02 Feb 2021 01:56:47 GMT

Changes

1.0.0-beta.4

Thu, 21 Jan 2021 21:48:01 GMT

Changes

1.0.0-beta.3

Tue, 12 Jan 2021 00:51:26 GMT

Patches

Changes

1.0.0-beta.2

Mon, 07 Dec 2020 22:19:03 GMT

Changes

1.0.0-beta.1

Wed, 11 Nov 2020 23:33:20 GMT

Changes

1.0.0-alpha.16

Tue, 10 Nov 2020 01:48:44 GMT

Changes

1.0.0-alpha.15

Sat, 07 Nov 2020 01:50:14 GMT

Changes

1.0.0-alpha.14

Mon, 02 Nov 2020 23:33:39 GMT

Changes

1.0.0-alpha.13

Mon, 26 Oct 2020 21:00:29 GMT

Changes

1.0.0-alpha.12

Tue, 20 Oct 2020 23:47:28 GMT

Changes

1.0.0-alpha.11

Thu, 15 Oct 2020 00:49:18 GMT

Changes

1.0.0-alpha.10

Wed, 14 Oct 2020 23:45:07 GMT

Changes

1.0.0-alpha.9

Fri, 02 Oct 2020 17:42:35 GMT

Changes

1.0.0-alpha.7

Wed, 23 Sep 2020 21:13:48 GMT

Changes

1.0.0-alpha.6

Thu, 17 Sep 2020 23:16:22 GMT

Changes

1.0.0-alpha.5

Tue, 25 Aug 2020 00:40:45 GMT

Changes

1.0.0-alpha.4

  • Add confidential client support (#2023)

1.0.0-alpha.3

  • Fix an issue where the types were not defined correctly in the package.json (#2014)

1.0.0-alpha.2

  • Fix an issue where the dist folder was not published (#2013)

1.0.0-alpha.1

  • Add response to device code in msal-node (#1947)
  • msal-node docs update (#1948)
  • Export AccountInfo in `msal-node (#2005)

1.0.0-alpha.0

  • scaffolding (#1328)
  • Configuration and Client (#1325)
  • Account and Authority (#1330)
  • initial compatibility with other libs (#1342)
  • msal-node crypto module (#1368)
  • msal-node network module (#1371)
  • msal-node lerna support (#1383)
  • msal-common and msal-node Client applications, authorization code and device code flow (#1409)
  • msal-node add DEBUG logging (#1423)
  • msal-common authority changes (#1424)
  • msal-node and msal-common unit tests for changes in #1409 (#1449)
  • msal-node switch strictNullChecks:true for msal-node (#1478)
  • msal-node and msal-common Update generation of client info headers (#1482)
  • msal-node and msal-common Support for acquiring a token with refresh token (#1496)
  • msal-node and msal-common Move authority generation from common to node (#1537)
  • msal-node fix casing issue (#1630)
  • msal-node Cache implementation (#1444, #1471, #1519, #1520, #1522, #1622, #1655, #1680)
  • msal-node Silent Flow support (#1711)
  • merge cache logic for all platforms (#1762)
  • Utilize ScopeSet across the library (#1770)
  • Update UnifiedCacheManager.ts (#1771)
  • Node cache interface (#1801)
  • SilentFlow node interface (#1809)
  • Update TokenCache name (#1901)