I would like to authenticate a user that's received a JWT token issued by AD via an Express app in order for them to access API endpoints.
Currently, I have a frontend React app and I have registered the app with Azure. I am using @azure/msal-react npm package to authenticate the user. That part is working great, users can log in and get a token just fine!
Now I want to take that token and pass it somehow to the express app for validation....
I set up test logic that follows the SOF link below (see link) and I inserted my own token for testing to see if I can see a decoded JWT token.
How to use Jsonwebtoken NPM package to verify JWT token issued by Azure AD?
I am getting the header back, which includes a nonce, alg, x5t, and kid value, but I am not getting the actual body of the token back. The variable "decoded", which is:
var decoded = jwt.decode(token, {complete: true});
var header = decoded.header
is coming back as "undefined"
What is the best way of receiving an Azure AD bearer JWT token in an Express endpoint, then verifying/validating it?
Any tips would be greatly appreciated!
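
An added example, not part of the original post, and using Node's built-in crypto rather than the jsonwebtoken package so it runs offline: an Express-style middleware that verifies an RS256 bearer token by selecting the key from the header's kid, checking the signature, and then checking iss, aud and exp. The key pair, "kid-1", ISSUER, AUDIENCE and the helper names are constructed placeholders; a real API would load the tenant's published signing keys instead.

```javascript
const nodeCrypto = require("node:crypto");

// Constructed fixture: a locally generated RSA key pair stands in for the
// tenant's signing key; "kid-1", ISSUER and AUDIENCE are placeholder values.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const SIGNING_KEYS = new Map([["kid-1", publicKey]]); // kid -> public key, as a JWKS lookup gives
const ISSUER = "https://issuer.example/tenant-placeholder/v2.0";
const AUDIENCE = "api://client-id-placeholder";
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Mints sample tokens for the demo (the identity provider does this in practice).
function signSample(payload, header = { alg: "RS256", typ: "JWT", kid: "kid-1" }) {
  const input = `${b64url(header)}.${b64url(payload)}`;
  const sig = nodeCrypto.sign("RSA-SHA256", Buffer.from(input), privateKey);
  return `${input}.${sig.toString("base64url")}`;
}

// Verifies the signature first, then the claims. Throws on failure, returns the payload.
function verifyToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const header = JSON.parse(Buffer.from(parts[0], "base64url").toString("utf8"));
  if (header.alg !== "RS256") throw new Error("unexpected alg"); // pin the algorithm server-side
  const key = SIGNING_KEYS.get(header.kid);
  if (!key) throw new Error("unknown kid");
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!nodeCrypto.verify("RSA-SHA256", signed, key, Buffer.from(parts[2], "base64url"))) throw new Error("bad signature");
  const payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  if (payload.iss !== ISSUER) throw new Error("wrong issuer");
  if (payload.aud !== AUDIENCE) throw new Error("wrong audience");
  if (typeof payload.exp !== "number" || payload.exp <= now) throw new Error("expired");
  return payload;
}

// Express-style middleware: same (req, res, next) shape, no Express import needed here.
function requireBearer(req, res, next) {
  const m = /^Bearer (.+)$/.exec(req.headers.authorization || "");
  try {
    if (!m) throw new Error("missing bearer token");
    req.user = verifyToken(m[1]);
  } catch (err) {
    return res.status(401).json({ error: "invalid_token" });
  }
  next();
}
```

Decoding alone (as `jwt.decode` does) only parses the token; the endpoint should trust the claims only after the signature and claim checks have passed.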