Node.js 適用的 Azure Active Directory 模組Azure Active Directory modules for Node.js

概觀Overview

重要

強烈建議您使用 Microsoft Graph 取代 Azure AD Graph API 來存取 Azure Active Directory 資源。We strongly recommend that you use Microsoft Graph instead of Azure AD Graph API to access Azure Active Directory resources. 我們的開發工作現在是針對 Microsoft Graph,並沒有針對 Azure AD Graph API 規劃的進一步增強功能 。Our development efforts are now concentrated on Microsoft Graph and no further enhancements are planned for Azure AD Graph API. 有極少數的案例可能仍適用 Azure AD Graph API;如需詳細資訊,請參閱 Office 開發人員中心的 Microsoft Graph 或 Azure AD Graph 部落格文章。There are a very limited number of scenarios for which Azure AD Graph API might still be appropriate; for more information, see the Microsoft Graph or the Azure AD Graph blog post in the Office Dev Center.

適用於 Node.js 的 Azure Active Directory 驗證程式庫 (ADAL) 可讓 Node.js 應用程式向 AAD 驗證,以便存取 AAD 保護的 Web 資源。The Azure Active Directory Authentication Library (ADAL) for Node.js enables Node.js applications to authenticate to AAD in order to access AAD protected web resources.

用戶端封裝Client package

安裝 npm 模組Install the npm modules

使用 npm 來安裝 Azure 儲存體用戶端或管理模組。Use npm to install the Azure storage client or management modules.

npm install adal-node

範例Example

來自用戶端認證範例的這個範例說明如何透過用戶端認證進行伺服器對伺服器驗證。This example from the client credentials sample illustrates server-to-server authentication via client credentials.

const adal = require('adal-node').AuthenticationContext;

const authorityHostUrl = 'https://login.windows.net';
const tenant = 'your-tenant-id';
const authorityUrl = authorityHostUrl + '/' + tenant;
const clientId = 'your-client-id';
const clientSecret = 'your-client-secret';
const resource = 'your-app-id-uri';

const context = new adal(authorityUrl);

context.acquireTokenWithClientCredentials(
  resource,
  clientId,
  clientSecret,
  (err, tokenResponse) => {
    if (err) {
      console.log(`Token generation failed due to ${err}`);
    } else {
      console.dir(tokenResponse, { depth: null, colors: true });
    }
  }
);

範例Samples

Azure Active DirectoryAzure Active Directory
使用 Azure AD 保護 Web APISecuring a web API with Azure AD 使用 Azure AD 和 OAuth 2.0 存取權杖保護的 NodeJS Web API。A NodeJS web API that is secured using Azure AD and OAuth 2.0 access tokens.
將 Azure AD 整合到 NodeJS Web 應用程式中Integrating Azure AD into a NodeJS web application 可向 OpenID Connect 驗證 Azure AD 使用者的 NodeJS Web 應用程式。A NodeJS web application that authenticates Azure AD users with OpenID Connect.

深入探索可在應用程式中使用的 Node.js 程式碼範例Explore more sample Node.js code you can use in your apps.