Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSAL in a SPA - Web App - Web API scenario #7353

Open
johnwc opened this issue Oct 1, 2024 · 2 comments
Open

MSAL in a SPA - Web App - Web API scenario #7353

johnwc opened this issue Oct 1, 2024 · 2 comments
Labels
feature-unconfirmed msal-browser Related to msal-browser package Needs: Attention 👋 Awaiting response from the MSAL.js team no-issue-activity Issue author has not responded in 5 days public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

Comments

@johnwc
Copy link

johnwc commented Oct 1, 2024

Core Library

MSAL.js (@azure/msal-browser)

Wrapper Library

Not Applicable

Public or Confidential Client?

Public

Description

We need information on how to go about setting up MSAL for the scenario bellow, so that each can authenticate the user to be able to render correct UI as well as make requests in the API as the user.

We have three areas we are working with.

  1. A ASP.Net web site with backend code that populates pages for the logged in user. (Changes the menu when a user is logged in, giving them menu options they have access to as well as a [user] menu in top right for user menu.)
  2. SPA-like web components on each page written in Vue 3 that interact with the API server.
  3. An API server written in .Net 8

What is the best way to implement this setup using MSAL, where all steps can be authenticated using the token from MSAL? How do we share the token with the vue js SPA-like so it can call the API server?

Source

External (Customer)
@johnwc johnwc added feature-unconfirmed question Customer is asking for a clarification, use case or information. labels Oct 1, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label Oct 1, 2024
@github-actions github-actions bot added msal-browser Related to msal-browser package public-client Issues regarding PublicClientApplications labels Oct 1, 2024
@tnorling
Copy link
Collaborator

tnorling commented Oct 8, 2024

What you're looking for here is the Hybrid SPA flow

Your backend and SPA each need to acquire their own tokens (don't pass tokens back and forth between frontend and backend), however, you can do this with a single interaction with the login service. See the sample linked above, it uses node for the backend but .NET is supported in this flow as well.

@microsoft-github-policy-service microsoft-github-policy-service bot added Needs: Author Feedback Awaiting response from issue author no-issue-activity Issue author has not responded in 5 days and removed Needs: Attention 👋 Awaiting response from the MSAL.js team labels Oct 8, 2024
@johnwc
Copy link
Author

johnwc commented Oct 14, 2024

Not stale, still testing

@microsoft-github-policy-service microsoft-github-policy-service bot added Needs: Attention 👋 Awaiting response from the MSAL.js team and removed Needs: Author Feedback Awaiting response from issue author labels Oct 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-unconfirmed msal-browser Related to msal-browser package Needs: Attention 👋 Awaiting response from the MSAL.js team no-issue-activity Issue author has not responded in 5 days public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johnwc @tnorling