TechQA.

SSO setup with Microsoft Identitiy using msal-browser & msal-react

97 views Asked by At

I am implementing SSO in React SPA with Microsoft identity & using "@azure/msal-browser": "^3.5.0" & "@azure/msal-react": "^2.0.7" as dependency.

Please refer the below sample app provided by Microsoft:

https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-react-samples

import { useMsal } from "@azure/msal-react";

const { instance } = useMsal()

let loginRequest = {
  scopes: ["user.read", "mail.send"]
}

const handleMSLLogin = () => {
 instance.acquireTokenPopup({ loginRequest }).then(response => {
  console.log(response) //This response contains JWT token with client information and is visible in network calls
})
 .catch(e => {
   console.log(e)
  })
 }

**My question, is it safe to use this implementation ? **

I am able to authenticate user with recommended authorization code flow but it seems this has security threat as JWT token returned is visible in network calls

reactjs single-sign-on azure-ad-msal msal-angular msal-react
Original Q&A
0

There are 0 answers

Related Questions in REACTJS

Related Questions in SINGLE-SIGN-ON

Related Questions in AZURE-AD-MSAL

Related Questions in MSAL-ANGULAR

Related Questions in MSAL-REACT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions