MSAL provider

The MSAL Provider uses MSAL.js to sign in users and acquire tokens to use with the Microsoft Graph.

To learn more, see providers.

Get started

You can initialize the MSAL provider in HTML or JavaScript.

Initialize in your HTML page

Initializing the MSAL provider in HTML is the simplest way to create a new provider. Use the mgt-msal-provider component to set the client-id and other properties. This will create a new UserAgentApplication instance that will be used for all authentication and acquiring tokens.

<mgt-msal-provider client-id="<YOUR_CLIENT_ID>"
                   login-type="redirect/popup"
                   scopes="user.read,people.read"
                   authority=""></mgt-msal-provider>
Attribute Description
client-id String client ID (see Creating an app/client ID). Required.
login-type Enumeration between redirect and popup - default value is redirect. Optional.
scopes Comma separated strings for scopes the user must consent to on sign in. Optional.
authority Authority string - default is the common authority. For single-tenant apps, use your tenant ID or tenant name. For example, https://login.microsoftonline.com/[your-tenant-name].onmicrosoft.com or https://login.microsoftonline.com/[your-tenant-id]. Optional.
depends-on Element selector string of another higher priority provider component. Optional.

Initialize in JavaScript

You can provide more options by initializing the provider in JavaScript.

import {Providers, MsalProvider} from '@microsoft/mgt'
import {UserAgentApplication} from "msal";

Providers.globalProvider = new MsalProvider(config: MsalConfig);

where MsalConfig is:

interface MsalConfig {
  clientId: string;
  scopes?: string[];
  authority?: string;
  loginType?: LoginType;
  options?: Configuration; // msal js Configuration object
}

You must provide a clientId (to create a new UserAgentApplication).

To learn more about MSAL.js and for additional options you can use when initializing the MSAL library, see the MSAL documentation.

Creating an app/client ID

For details about how to register an app and get a client ID, see the Register an app quick start.

Note: MSAL only supports the Implicit Flow for OAuth. Make sure to enable Implicit Flow in your application in the Azure Portal (it is not enabled by default). Under Authentication, find the Implicit grant section and select the checkboxes for Access tokens and ID tokens. To use the common authority, set Account in any organizational directory. To use a specific tenant, set the authority during initialization.