@coopah/microsoft-sso-node
v1.1.3
Published
This Node.js module provides functionality to verify Microsoft ID tokens using Azure AD. It ensures that tokens are valid according to the specified Azure AD tenant and client ID, leveraging the JWKS (JSON Web Key Set) endpoint provided by Microsoft for c
Downloads
12
Readme
@coopah/microsoft-sso-node
This Node.js module provides functionality to verify Microsoft ID tokens using Azure AD. It ensures that tokens are valid according to the specified Azure AD tenant and client ID, leveraging the JWKS (JSON Web Key Set) endpoint provided by Microsoft for cryptographic signing key information.
This packages works great together with @coopah/microsoft-sso-react!
Installation
To install the package, run the following command in your project directory:
npm
npm install @coopah/microsoft-sso-node
yarn
yarn add @coopah/microsoft-sso-node
Functions
verifyMicrosoftIdToken
This function is designed to verify Microsoft ID tokens using Azure Active Directory. It utilizes the JWKS endpoint to fetch signing keys and ensures that the provided ID token is valid according to the specified Azure AD tenant's standards.
Props
| Prop | Type | Required | Default | Description |
|-------------------|----------|----------|---------|-----------------------------------------------------------------|
| token
| string
| Yes | - | The token to be verified. |
| clientId
| string
| Yes | - | The client ID of your application registered in Azure AD. |
| tenantId
| string
| Yes | - | The tenant ID of your Azure AD directory. |
How to use
verifyMicrosoftIdToken
This should be in your service / controller.
import verifyMicrosoftIdToken from '@coopah/microsoft-sso-node'
export const loginService = async (token) => {
try {
//Best to store them in an .env file
const tenantId = ""
const clientId = ""
const decodedEmail = await verifyMicrosoftIdToken(token, clientId, tenantId)
//Custom accessToken & refreshToken logic
const accessToken = ""
const refreshToken = ""
return { accessToken, refreshToken }
} catch (err) {
return { message: 'Login failed' }
}
}