2

I'm currently working on a project that has a frontend built with React and is using authentication from Azure AD. I'm using the MSAL-React package on the frontend to handle login.

When a user makes an API request to the backend, I want them to send along the token they acquired from MSAL and make sure the backend interfaces with Azure AD to verify that the token is legitimate and has the correct access level to access certain routes. Ideally, I'd just be able to pass the provided token to an Azure AD API route somewhere and have it return the user info associated with that token.

Tldr: MSAL-React on the front end, want to get user info from provided token on the backend to verify legitimacy.

Devon S.

1 Answer

1

You seem to be describing an Introspection endpoint, which is not available on AAD: https://www.oauth.com/oauth2-servers/token-introspection-endpoint/

With AAD, the accessToken is validated on the API itself, normally with the aid of a middleware component, which will validate the token signature and the claims inside it.

Check one of these official MS samples, which uses a React frontend with a Node.js API: https://github.com/Azure-Samples/ms-identity-javascript-react-tutorial/tree/main/3-Authorization-II/1-call-api

Sérgio Correia
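The local validation described in the answer above (signature first, then claims), as an added example that is not part of the original answer or of the linked Microsoft sample. In a real API the public key is selected by the token's `kid` header from the tenant's published signing keys; here a locally generated key pair stands in for Azure AD, and the tenant ID, client ID and the `Todo.Read` scope are placeholders.

```javascript
// Added example: validate a bearer token's signature and claims inside the API.
const crypto = require("node:crypto");

const b64url = (v) => Buffer.from(v).toString("base64url");

// Verify an RS256 JWT against a trusted public key, then check the claims the
// API depends on. Returns the claims, or throws with the rejection reason.
function validateAccessToken(token, { publicKey, issuer, audience, requiredScope }) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  // Pin the algorithm; never let the token itself choose it.
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify("RSA-SHA256", signed, publicKey, Buffer.from(s, "base64url")))
    throw new Error("bad signature");
  // Claims are only trusted after the signature has been verified.
  const claims = JSON.parse(Buffer.from(p, "base64url").toString());
  const now = Date.now() / 1000;
  if (claims.iss !== issuer) throw new Error("wrong issuer");
  if (claims.aud !== audience) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  if (typeof claims.nbf === "number" && claims.nbf > now) throw new Error("not yet valid");
  // Delegated permissions arrive as a space-separated "scp" claim.
  if (!String(claims.scp || "").split(" ").includes(requiredScope))
    throw new Error("missing scope");
  return claims;
}

// --- Constructed fixture: local key pair standing in for Azure AD's signing key ---
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const config = {
  publicKey,
  issuer: "https://login.microsoftonline.com/TENANT-ID-PLACEHOLDER/v2.0",
  audience: "API-CLIENT-ID-PLACEHOLDER",
  requiredScope: "Todo.Read", // hypothetical scope name
};

// Test helper that mints a constructed token; a real API never signs tokens.
function signToken(claims, key = privateKey) {
  const input = `${b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign("RSA-SHA256", Buffer.from(input), key).toString("base64url")}`;
}

// Returns "ok" or the reason the token was rejected.
function reasonFor(token) {
  try { validateAccessToken(token, config); return "ok"; } catch (e) { return e.message; }
}
```

Once validation succeeds, the user information the question asks for is read from the returned claims, with no call back to Azure AD per request.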