@startupjs/auth-azuread
@startupjs/auth: >= 0.33.0
react-native-webview: 10.10.2
1 - Go to the Microsoft Azure portal
2 - Create an account if you don't have one
3 - Go to Active Directory
4 - Go to the App registration tab
5 - Choose New registration and fill in the fields
6 - Copy Client ID as AZUREAD_CLIENT_ID in config.json
7 - Copy Tenant ID as AZUREAD_TENANT_ID in config.json
8 - Go to the Endpoints tab and copy Identity metadata as AZUREAD_IDENTITY_METADATA in config.json. Replace common/organizations in the URL with your Tenant ID.
9 - In the Certificates and secrets tab, create a client secret and copy it as AZUREAD_CLIENT_SECRET in config.json.
10 - Next, configure the redirect URIs. Go to the tab with the redirect URI settings and create platforms with these links:
SPA platform - http://localhost:3000/auth/azuread/callback
Web platform - http://localhost:3000/auth/azuread/callback-native
11 - In the manifest, specify the data:
"oauth2AllowIdTokenImplicitFlow": true,
"oauth2AllowImplicitFlow": true
Importing a strategy:
import { Strategy as AzureadStrategy } from '@startupjs/auth-azuread/server'
Importing lib for the config:
import conf from 'nconf'
In startupjsServer, add AzureadStrategy to the strategies of the initAuth function, using the variables from the config:
    initAuth(ee, {
      strategies: [
        // AzureadStrategy is the alias used in the import above
        new AzureadStrategy({
          clientId: conf.get('AZUREAD_CLIENT_ID'),
          clientSecret: conf.get('AZUREAD_CLIENT_SECRET'),
          tenantId: conf.get('AZUREAD_TENANT_ID'),
          identityMetadata: conf.get('AZUREAD_IDENTITY_METADATA'),
          // http redirect URLs are allowed only outside production
          allowHttpForRedirectUrl: process.env.NODE_ENV !== 'production'
        })
      ]
    })
Parameter allowHttpForRedirectUrl - determines whether http can be used for the redirect URL
For production, you need to use https in BASE_URL, and the condition process.env.NODE_ENV !== 'production'
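A pre-flight check for the config values from steps 6-9 and the https requirement above, as an added example that is not part of the package or its README. The function name checkAzureadConfig, the sample values, and reading BASE_URL from the same config object are assumptions:

```javascript
// Added example, not code from @startupjs/auth-azuread.
// checkAzureadConfig and all sample values are hypothetical / constructed.
const REQUIRED_KEYS = [
  'AZUREAD_CLIENT_ID', 'AZUREAD_CLIENT_SECRET',
  'AZUREAD_TENANT_ID', 'AZUREAD_IDENTITY_METADATA'
]

// Returns a list of problems; an empty list means the config passed.
function checkAzureadConfig (cfg, nodeEnv) {
  const problems = REQUIRED_KEYS
    .filter(key => !cfg[key])
    .map(key => `${key} is missing`)

  // Step 8: the metadata URL must carry the Tenant ID, not common/organizations.
  if (cfg.AZUREAD_TENANT_ID && cfg.AZUREAD_IDENTITY_METADATA) {
    let segments = null
    try {
      segments = new URL(cfg.AZUREAD_IDENTITY_METADATA).pathname
        .split('/').filter(Boolean).map(s => s.toLowerCase())
    } catch (err) {
      problems.push('AZUREAD_IDENTITY_METADATA is not a valid URL')
    }
    if (segments) {
      if (segments.includes('common') || segments.includes('organizations')) {
        problems.push('AZUREAD_IDENTITY_METADATA still uses common/organizations')
      } else if (!segments.includes(cfg.AZUREAD_TENANT_ID.toLowerCase())) {
        problems.push('AZUREAD_IDENTITY_METADATA does not contain AZUREAD_TENANT_ID')
      }
    }
  }

  // In production allowHttpForRedirectUrl is false, so BASE_URL must be https.
  // Assumption: BASE_URL is read from the same config object.
  if (nodeEnv === 'production' && !/^https:\/\//i.test(cfg.BASE_URL || '')) {
    problems.push('BASE_URL must use https in production')
  }
  return problems
}

// Constructed sample config (placeholder values only).
const sampleConfig = {
  AZUREAD_CLIENT_ID: '11111111-1111-1111-1111-111111111111',
  AZUREAD_CLIENT_SECRET: 'placeholder-secret',
  AZUREAD_TENANT_ID: '00000000-0000-0000-0000-000000000000',
  AZUREAD_IDENTITY_METADATA:
    'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
  BASE_URL: 'http://localhost:3000'
}
console.log(checkAzureadConfig(sampleConfig, 'production'))
```

Run it at server start, before initAuth, and stop the process if the returned list is not empty.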
import { AuthButton as AzureadAuthButton } from '@startupjs/auth-azuread/client'
FAQs
AzureAD auth plugin for StartupJS auth module
We found that @startupjs/auth-azuread demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.