@azure/msal-angular

What is @azure/msal-angular?

@azure/msal-angular is a library that allows Angular applications to authenticate users with Microsoft Identity Platform and obtain tokens to call Microsoft APIs such as Microsoft Graph or any API registered with the Microsoft identity platform.

What are @azure/msal-angular's main functionalities?

User Authentication

This code demonstrates how to set up the MSAL instance in an Angular application to enable user authentication with Microsoft Identity Platform.

import { MsalModule, MsalService, MSAL_INSTANCE } from '@azure/msal-angular';
import { PublicClientApplication } from '@azure/msal-browser';

export function MSALInstanceFactory() {
  return new PublicClientApplication({
    auth: {
      clientId: 'your-client-id',
      authority: 'https://login.microsoftonline.com/your-tenant-id',
      redirectUri: 'http://localhost:4200'
    }
  });
}

@NgModule({
  imports: [
    MsalModule
  ],
  providers: [{
    provide: MSAL_INSTANCE,
    useFactory: MSALInstanceFactory
  }, MsalService]
})
export class AppModule { }

Token Acquisition

This code demonstrates how to log in a user and acquire an access token silently for calling Microsoft Graph API or other APIs.

import { MsalService } from '@azure/msal-angular';

@Component({
  selector: 'app-root',
  templateUrl: './app.component.html'
})
export class AppComponent {
  constructor(private authService: MsalService) {}

  login() {
    this.authService.loginPopup().subscribe(response => {
      console.log('Login successful', response);
    }, error => {
      console.error('Login failed', error);
    });
  }

  getToken() {
    this.authService.acquireTokenSilent({
      scopes: ['user.read']
    }).subscribe(response => {
      console.log('Token acquired', response.accessToken);
    }, error => {
      console.error('Token acquisition failed', error);
    });
  }
}

Guarding Routes

This code demonstrates how to protect routes in an Angular application using MsalGuard to ensure that only authenticated users can access certain routes.

import { MsalGuard } from '@azure/msal-angular';

const routes: Routes = [
  { path: 'profile', component: ProfileComponent, canActivate: [MsalGuard] }
];

@NgModule({
  imports: [RouterModule.forRoot(routes)],
  exports: [RouterModule]
})
export class AppRoutingModule { }

Other packages similar to @azure/msal-angular

angular-oauth2-oidc

angular-oauth2-oidc is a library for OAuth2 and OpenID Connect (OIDC) authentication in Angular applications. It provides similar functionalities to @azure/msal-angular, such as user authentication, token management, and route protection. However, it is more generic and can be used with various identity providers, not just Microsoft Identity Platform.

oidc-client

oidc-client is a JavaScript library for OpenID Connect (OIDC) and OAuth2 authentication. It can be used in various JavaScript frameworks, including Angular, to handle user authentication and token management. Unlike @azure/msal-angular, it is not specific to Angular and requires more manual setup for integration with Angular applications.

auth0-angular

auth0-angular is a library for integrating Auth0 authentication and authorization into Angular applications. It provides similar functionalities to @azure/msal-angular, such as user authentication, token management, and route protection. Auth0 is a third-party identity provider that supports various authentication methods and social logins.

README

Microsoft Authentication Library for Angular

Getting Started	AAD Docs	Library Reference	Support	Samples

1. About
2. Guides
3. FAQ
4. Changelog
5. Version Support
6. Prerequisites
7. Installation
8. Usage
9. Samples
10. Build and running tests
11. Versioning
12. Community Help and Support
13. Contribute
14. Security Reporting
15. License
16. Code of Conduct

About

MSAL for Angular enables Angular web applications to authenticate users using Azure AD work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through Azure AD B2C service. It also enables your app to get tokens to access Microsoft Cloud services such as Microsoft Graph.

The @azure/msal-angular package described by the code in this folder wraps the @azure/msal-browser package and uses it as a peer dependency to enable authentication in Angular Web Applications without backend servers. This version of the library uses the OAuth 2.0 Authorization Code Flow with PKCE. To read more about this protocol, as well as the differences between implicit flow and authorization code flow, see the description provided by @azure/msal-browser. If you are looking for the version of the library that uses the implicit flow, please see the MSAL Angular v1 library.

The current @azure/msal-angular library improves upon the previous version and utilizes the authorization code flow. Most features available in the old library will be available in this one, but there are nuances to the authentication flow in both. The latest @azure/msal-angular package does NOT support the implicit flow.

Guides

• Upgrade Guide (v1-v2)
• Upgrade Guide (v0-v1)
• Configuration

Version Support

At a minimum, @azure/msal-angular will follow the support schedule of the main Angular project. We may continue to support certain versions of Angular that are not under Active or LTS support from the main Angular project on a version-by-version basis, as defined below.

MSAL Angular version	MSAL support status	Supported Angular versions
MSAL Angular v2	Active development	9, 10, 11, 12, 13
MSAL Angular v1	Active development	6, 7, 8, 9
MSAL Angular v0	In maintenance	4, 5

Prerequisites

Before using @azure/msal-angular, register an application in Azure AD to get your clientId.

Installation

The @azure/msal-angular package is available on NPM:

npm install @azure/msal-browser @azure/msal-angular@latest

Usage

MSAL Angular Basics

1. Initialization
2. Public APIs
3. Using redirects
4. Using the MsalGuard
5. Using the MsalInterceptor
6. Known issues

Advanced Topics

1. Logging
2. Multi-Tenant
3. Security
4. Internet Explorer Support
5. Events
6. Angular Universal and SSR
7. Performance

All documentation for MSAL Angular v1 can be found here.

Samples

MSAL Angular v1 Samples

• Angular Quickstart
• B2C Angular SPA
• Angular v6
• Angular v7
• Angular v8
• Angular v9

MSAL Angular v2 Samples

• Angular v9
• Angular v10
• Angular v11
• Angular v11 B2C Sample
• Angular v12
• Angular v13 RxJS v6
• Angular v13 RxJS v7
• Angular v14 RxJS v6
• Angular v14 RxJS v7

See here for specific features demonstrated by our MSAL Angular v2 samples.

Advanced MSAL Angular v2 Samples

• Angular SPA with ASP.NET Core web API
• Angular SPA with APS.NET Core web API using App Roles and RBAC
• Angular SPA calling Microsoft Graph via ASP.NET Core web API using on-behalf-of flow
• Angular SPA calling ASP.NET Core Web API using Proof of Possession tokens
• Multi-tenant tutorial using MSAL Angular v2
• Deployment tutorial using Azure App Service and Azure Storage

Build and running tests

If you want to build the library and run all the unit tests, you can do the following.

First navigate to the root directory of the library(msal-angular) and install the dependencies:

npm install

Then use the following command to build the library and run all the unit tests:

npm run build

npm run test

Versioning

This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.x) ensures you get the latest security and feature enhanements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

Community Help and Support

• Msal Browser FAQ for access to our frequently asked questions
• Stack Overflow using tag "msal". We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.
• GitHub Issues for reporting a bug or feature requests
• User Voice page to provide recommendations and/or feedback

Contribute

We enthusiastically welcome contributions and feedback. Please read the contributing guide before you begin.

Security Reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.

License

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License").

We Value and Adhere to the Microsoft Open Source Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.