Getting msal running on remix run

Question

I've been having issues integrating msal, with my remix-run application. If someone has docs or a resource that could shed light on this dev scenario that would be great. But not my main question. Since I was having trouble with it for about two weeks, decided to build it from scratch. Works flawlessly for authentication and can make all the api calls I originally wanted. With a lot less hassle as well. Other than authenticating with microsoft user accounts(and shiny objects like this), what are the benefits of msal? There must be some or else it wouldn't exist, I just can't find them in the millions of pages of docs that are available. Is there a approval process for web applications to incorporate their services, like google? If so, I'm assuming they will not approve the code since its not theirs. It wouldn't surprise me if there weren't any true benefits because micrsofts approach to products is to build more than any company on the planet rather than focus on the quality of a few products.

Answer 1

Hi @Skyler zanth ,

Thanks for reaching out.

There is no official documentation or sample available as of now for remix run application with MSAL.

However, there are third party samples available for remix with Microsoft Strategy https://remix.run/resources/remix-auth-microsoft-strategy

Regarding MSAL, it provides several benefits beyond just authentication. One of the key benefits is that it simplifies and manages acquiring, managing, caching, and refreshing tokens, and uses best practices for resilience. MSAL also supports different application architectures and platforms, including .NET, JavaScript, Java, Python, Android, and iOS. Additionally, MSAL provides several features including security fixes beyond June 2023, proactive token refresh and revocation based on policy or critical events for Microsoft Graph and other APIs that support Continuous Access Evaluation (CAE), and compliance with OAuth v2.0 and OpenID Connect (OIDC) standards.

Regarding the approval process for web applications to incorporate Microsoft services, Microsoft does have guidelines and processes for integrating with their services while it’s not identical to Google’s approval process, Microsoft ensures that developers adhere to security and usage policies. Approval is typically based on factors like proper authentication, secure practices, and adherence to terms of use to encourages developers to build quality applications that align with their standards.

I understand very product has its strengths and weaknesses, and Microsoft’s approach involves a wide range of offerings. While they do create many products, they also invest in maintaining and improving existing ones.

Hope this will help.

Thanks,

Shweta

Please remember to "Accept Answer" if answer helped you.

Answer 2

Unfortunately, the Remix Microsoft Strategy does not work with Azure B2C. You will have to use the Remix Auth Oauth2 library until an official strategy or until MSAL adds support for Remix.