Rediger

Del via


Use the Microsoft Authentication Library for JavaScript to work with Azure AD B2C

The Microsoft Authentication Library for JavaScript (MSAL.js) enables JavaScript developers to authenticate users with social and local identities using Azure Active Directory B2C (Azure AD B2C).

By using Azure AD B2C as an identity management service, you can customize and control how your customers sign up, sign in, and manage their profiles when they use your applications.

Azure AD B2C also enables you to brand and customize the UI that your application displays during the authentication process.

Supported app types and scenarios

MSAL.js enables single-page applications to sign-in users with Azure AD B2C using the authorization code flow with PKCE grant. With MSAL.js and Azure AD B2C:

  • Users can authenticate with their social and local identities.
  • Users can be authorized to access Azure AD B2C protected resources (but not Microsoft Entra protected resources).
  • Users cannot obtain tokens for Microsoft APIs (for example, MS Graph API) using delegated permissions.
  • Users with administrator privileges can obtain tokens for Microsoft APIs (for example, MS Graph API) using delegated permissions.

For more information, see: Working with Azure AD B2C

Next steps

Follow the tutorial on how to: