ReAuthentication using PopUP(Auth Code Grant Flow)

Subramanyam k 251 Reputation points
2020-07-31T09:18:08.757+00:00

Hi,

This is for re-authenticating the User using a Pop-Up. Can we use the MSAL.js library with Authorization Grant Flow to serve this purpose.

If so can you please let us know the implementation steps for the same.

Thanks,
Subbu

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,470 questions
0 comments
Accepted answer
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-07-31T13:23:20.957+00:00

    @Subramanyamk-9132, When we speak about Authorization-Code Grant flow, it goes by the steps mentioned here, OAuth protocol itself is an authorization protocol. When you are making a call to the AAD, as a response you would get the access-token (and id_token if requested for in the request).

    The Authentication and Authorization go hand in hand. When you say that you are just looking for the authentication part and not an authorization, can you let me know what is the end response you are expecting for your application to work? Ideally in Authorization-Code Grant flow, you first call the /authorize endpoint to get authorization code and then you use that authorization code to get posted on the /token endpoint of AAD to get an access token. The authorization code itself is issued by AAD after authenticating the user's credentials and then asks for authorization if there are API permissions available through the consent framework. This is how that flow works.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-07-31T10:35:03.453+00:00

    @Subramanyam k , Thank you for reaching out. Yes, you can use MSAL.js V2.0 and implement Authorization-Code Grant flow and get the pop-up for the user to enter the credentials.

    You can find more details here: https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-auth-code#:~:text=After%20a%20successful%20sign%2Din,application%20and%20processed%20by%20msal.

    Hope this helps.

    Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    0 comments
  2. Subramanyam k 251 Reputation points
    2020-07-31T12:08:21.327+00:00

    Hi @soumi-MSFT ,

    Thank You for the Information.

    We do have any option of not getting the access token. In the above sample we are getting the access token, but my requirement is just to authenticate the user not to call any API's.

    Thanks,
    Subbu