| CARVIEW |
Select Language
HTTP/2 200
date: Fri, 25 Jul 2025 04:07:29 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"2fff812a5d41cde685b6aa3374102b7a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=u77Yh1donQ8LETavuCOL0QSPaVzguLJFvfnRKpdiagW8dRIjwLpsDBEsxBoDuLY1B%2FbqJcaGVecP9af%2Fmtsr8NUVezzWChxX1N6wllacnAn804i%2FF2Biv%2BY%2B3iRV%2BpDSBb3frj15RRDuSYXkzk8t2nNsH5tAOqDOKSnLjotOos%2BGmJRcVotMz0suOfi4CaUGxHReAW3VLgEfHV%2ByyNA9%2BOYy0CMI2IkjKfJJ79eYufMgH3fLM6%2BwLGVEXqun5nAkSefr2Cx3cmOTgfYiRjyijg%3D%3D--eow1HF31NSt4RCb9--l9MV46YRNOQvXqa8%2FV3P8w%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.8330460.1753416449; Path=/; Domain=github.com; Expires=Sat, 25 Jul 2026 04:07:29 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sat, 25 Jul 2026 04:07:29 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: 8DC0:1256D3:15C1D0:1F2604:68830301
Home · AzureAD/microsoft-authentication-library-for-js Wiki · GitHub
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 2.7k
Home
Thomas Norling edited this page Apr 10, 2021
·
57 revisions
The Microsoft Authentication Library of JavaScript (MSAL.JS) is a token based authentication library for Single Page Applications. MSAL.JS enables you to acquire tokens from Azure AD to authenticate users and access Microsoft APIs such as Microsoft Graph or any API registered with Azure AD. MSAL.JS authenticate users with work or school accounts in Azure AD(AAD), Microsoft personal accounts (MSA) and accounts with social identity providers like Facebook, Google, Micosoft Accounts, etc. through Azure AD B2C service.
- Understand Single Page Application scenarios
- Register your app with Azure AD
- Initialize your application
- Acquire tokens to access Web APIs
- Review vanillaJS and Angular quickstart guides.
To sign-in users and acquire access tokens:
- MSAL.js v1.x implements OAuth 2.0 Implicit Grant Flow.
- MSAL.js v2.x implements OAuth 2.0 Authorization Code Flow with PKCE.
- Click here to view the roadmap.
- Click here to view release.
Clone this wiki locally
You can’t perform that action at this time.