| page_type | languages | products | description | urlFragment | ||||
|---|---|---|---|---|---|---|---|---|
sample |
|
|
Demonstrates how to use MSAL Node to acquire an access token for a protected resource such as Microsoft Graph in a console daemon application using the application's own identity (client credentials flow) |
ms-identity-javascript-nodejs-console |
This sample demonstrates how to use MSAL Node to acquire an access token for a protected resource such as Microsoft Graph in a console daemon application using the application's own identity with the (client credentials flow).
Caution
This sample is intended as a daemon application - an application that securely runs on a server. You should not use this sample for any public client scenarios. Distributing client secrets with your applications can lead to exfiltration and misuse of the credentials.
This sample demonstrates the following MSAL Node concepts:
- Configuration
- Acquiring an access token
- Calling a web API
| File/folder | Description |
|---|---|
AppCreationScripts/ |
Contains Powershell scripts for automating app registration. |
bin/index.js |
Application entry. |
bin/auth.js |
Main authentication logic resides here. |
bin/fetch.js |
Contains an Axios HTTP client for calling endpoints. |
.env |
Environment variables of authentication parameters. |
- Node.js must be installed to run this sample.
- Visual Studio Code is recommended for running and editing this sample.
- Register a new application in the Microsoft Entra admin center.
- For API Permissions, select
User.Read.Allunder Microsoft APIs > Microsoft Graph > Application Permissions. - Select Grant admin consent for {tenant}.
- For API Permissions, select
- Clone this repository
git clone https://github.com/Azure-Samples/ms-identity-javascript-nodejs-console.git - Open the .env file and provide the required configuration values.
- Replace the string
Enter_the_Tenant_Info_Herewith your tenant ID on Microsoft Entra admin center. - Replace the string
Enter_the_Application_Id_Herewith your app/client ID on Microsoft Entra admin center. - Replace the string
Enter_the_Client_Secret_Herewith the client secret you created on Microsoft Entra admin center. - Replace the string
Enter_the_Cloud_Instance_Id_Herewithhttps://login.microsoftonline.com/(see note below). - Replace the string
Enter_the_Graph_Endpoint_Here. withhttps://graph.microsoft.com/(see note below).
- Replace the string
ℹ️ note: This is for multi-tenant applications located on the global Azure cloud. For more information, see: Use MSAL in a national cloud environment
ℹ️ note: This is for MS Graph instance located on the global Azure cloud. For more information, see: Use Microsoft Graph in a national cloud environment
- On the command line, navigate to the root of the repository, and type
npm install.
ℹ️ Alternative, type
npm install -g. This will install the CLI application globally so that it can be called from anywhere.
- On the command line, navigate to the root of the repository and run the sample application with
node . --op getUsers.
ℹ️ If you have installed the sample app globally above, type
msal-node-cli --op getUsersfrom anywhere in a command line.
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.