Has anyone successfully used Azure AD to authenticate users for a Node.js web application?

I am attempting to use Azure Active Directory to authenticate users for my node.js web application, so far with no luck.

I am wondering if anyone has actually ever achieved it since the documentation is quite poor. There is typically example code, but not really any indication of what the required parameters are and what they should be.

I have tried passport-azure-ad (which I think is from Microsoft) and passport.azure-ad-oauth2 (which is from Auth0(?)). For passport-azure-ad, I have tried the BearerStrategy and also the OIDCStrategy with no luck.

For BearerStrategy I get some cryptic message about my client and resource identifying the same application, but since there is no documentation telling me what those should be, I'm at a loss.

For the OIDCStrategy, I'm a bit closer in that I get redirected to Microsoft for authentication, but on return I get the error "Error: ID Token not present in response". I'm guessing that my request isn't correct enough to give me a token back for whatever reason, but since there is no documentation...(you get the idea).

Anyway, if anyone has actually successfully achieved it and is able to share some pointers as to how it was achieved, that would be great.

Many thanks.

Darren asked Jan 25 '16 15:01



2 Answers

Here is a code sample about integrating Azure AD into a Node.js web application, provided by Microsoft on GitHub at https://github.com/Azure-Samples/active-directory-node-webapp-openidconnect.

To make the sample run, you need to configure a few settings about your Azure AD in the sample code.

We can find the following content in the config.js file in the root directory of the application:

```javascript
exports.creds = {
    returnURL: 'http://localhost:3000/auth/openid/return',
    identityMetadata: 'https://login.microsoftonline.com/common/.well-known/openid-configuration', // For using Microsoft you should never need to change this.
    clientID: '<your app id>',
    clientSecret: '<your secret>', // if you are doing code or id_token code
    skipUserProfile: true, // for AzureAD should be set to true.
    responseType: 'id_token code', // for login only flows use id_token. For accessing resources use `id_token code`
    responseMode: 'query', // For login only flows we should have token passed back to us in a POST
    //scope: ['email', 'profile'] // additional scopes you may wish to pass
};
```

Now you need to log in to the Azure management portal and head to your Azure AD application page. Click the CONFIGURE tab to configure your AD.

  • Enter the returnURL from config.js into the REPLY URL field under the single sign-on section.

  • Fill the Azure AD endpoint of your AD application into the identityMetadata property in config.js. As the comment in the code says, if your Azure AD is in the Microsoft domain, then you don't have to change the setting. Otherwise, you need to replace the common in the endpoint in config.js with your AD ID; you can click VIEW ENDPOINTS at the bottom nav to find the ID.

  • Configure the clientID and clientSecret in config.js. You can find them both on the CONFIGURE page of your AD application. For the key, you can use the dropdown to select a duration for a key to create a new one, then click the save button at the bottom nav; you can see the key data only the first time you create it.

After finishing these steps, you can try the sample project.

Gary Liu answered Sep 23 '22 03:09


For me this (no-code solution) worked in the new Azure Portal:

  • host my Node.js Server
  • add an AD to the subscription
  • Register new application within the AD
  • Add "https://YourNodeJS.azurewebsites.net/.auth/login/aad/callback" as Reply URL
  • In AppServices, pick your Node.js Server
  • In Settings go to Authentication/Authorization
  • Activate AAD
  • Use Advanced Mode of AAD
  • Enter the ClientID (GUID) of the application registered above in AD
  • As issuerURL enter this link: https://sts.windows.net/YourADGuid/ (you can see the GUID within "Endpoints" if you look back at your application registered in AD above)
IntegerWolf answered Sep 24 '22 03:09