Core Library
MSAL Node (@azure/msal-node)
Core Library Version
3.8.1
Wrapper Library
Not Applicable
Wrapper Library Version
None
Public or Confidential Client?
Confidential
Description
The code example does not work as it is. The following issues are in the code and/or in the documentation:
- The code passes process.env.AZURE_CLIENT_SECRET as client secret. The documentation mentions to put CLIENT_SECRET (instead of AZURE_CLIENT_SECRET) into the .env file.
- The "MSAL Usage" comment block mentions to use the accessToken. However, for small web apps the idToken is of interest, which isn't mentioned anywhere.
- The SESSION_SECRET is not mentioned in the documentation. For people not familiar with "express", this is a show-stopper.
- When the "knownAuthorities" key in the configuration is missing, the example fails with a cryptic error message. (The value passed to .filter(...), called within a catch block, which catches the actual error message and shows a generic message instead.) Setting "knownAuthorities" to an empty array [] either in the configuration file or in index.js resolves the issue.
- As a side note, authCodeUrlParameters is persistent across requests, and modified by each request (instead of being treated as an immutable configuration value). While this is certainly fine in a piece of example code, it is nevertheless bad practice.
Error Message
No response
MSAL Logs
No response
Network Trace (Preferrably Fiddler)
MSAL Configuration
{
"authOptions":
{
"clientId": "935a5408-96e6-4170-9498-6fe1f129c07d",
"authority": "https://login.microsoftonline.com/1892f70b-2911-446b-824f-d0f8eaca9e98",
"knownAuthorities": []
},
"request":
{
"authCodeUrlParameters": {
"scopes": ["user.read"],
"redirectUri": "https://verify.viereck.ch/redirect"
},
"tokenRequest": {
"redirectUri": "https://verify.viereck.ch/redirect",
"scopes": ["user.read"]
}
},
"resourceApi":
{
"endpoint": "https://graph.microsoft.com/v1.0/me"
}
}
Relevant Code Snippets
Reproduction Steps
Mentioned in the text above.
Expected Behavior
A working example.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
None (Server)
Regression
No response
Core Library
MSAL Node (@azure/msal-node)
Core Library Version
3.8.1
Wrapper Library
Not Applicable
Wrapper Library Version
None
Public or Confidential Client?
Confidential
Description
The code example does not work as it is. The following issues are in the code and/or in the documentation:
Error Message
No response
MSAL Logs
No response
Network Trace (Preferrably Fiddler)
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Mentioned in the text above.
Expected Behavior
A working example.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
None (Server)
Regression
No response