{"id":23841743,"url":"https://github.com/playerony/validate-azure-ad-token","last_synced_at":"2025-07-07T15:34:55.992Z","repository":{"id":46721148,"uuid":"410243659","full_name":"playerony/validate-azure-ad-token","owner":"playerony","description":"Function to validate access token received from azure active directory. Useful when you're using a msal library to authenticate users on the frontend and you wanna verify Microsoft tokens in the API.","archived":false,"fork":false,"pushed_at":"2024-01-10T18:56:14.000Z","size":1426,"stargazers_count":12,"open_issues_count":2,"forks_count":7,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-06-08T06:08:13.334Z","etag":null,"topics":["axios","azure","azure-ad-jwt","azure-functions","graph-api","identity","jsonwebtoken","microsoft","msal","msal-browser","msal-library","msal-react","token","validation"],"latest_commit_sha":null,"homepage":"https://playerony.github.io/validate-azure-ad-token","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/playerony.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-25T10:34:36.000Z","updated_at":"2024-09-13T14:05:28.000Z","dependencies_parsed_at":"2025-01-02T18:11:49.542Z","dependency_job_id":null,"html_url":"https://github.com/playerony/validate-azure-ad-token","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/playerony/validate-azure-ad-token","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/playerony%2Fvalidate-azure-ad-token","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/playerony%2Fvalidate-azure-ad-token/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/playerony%2Fvalidate-azure-ad-token/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/playerony%2Fvalidate-azure-ad-token/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/playerony","download_url":"https://codeload.github.com/playerony/validate-azure-ad-token/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/playerony%2Fvalidate-azure-ad-token/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264103481,"owners_count":23557947,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["axios","azure","azure-ad-jwt","azure-functions","graph-api","identity","jsonwebtoken","microsoft","msal","msal-browser","msal-library","msal-react","token","validation"],"created_at":"2025-01-02T18:01:39.490Z","updated_at":"2025-07-07T15:34:55.942Z","avatar_url":"https://github.com/playerony.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Validate Azure AD Token\n\n[![npm](https://img.shields.io/npm/v/validate-azure-ad-token.svg)](https://www.npmjs.com/package/validate-azure-ad-token)\n![types](https://img.shields.io/badge/types-typescript%20%7C%20flow-blueviolet)\n[![minzip](https://img.shields.io/bundlephobia/minzip/validate-azure-ad-token.svg)](https://www.npmjs.com/package/validate-azure-ad-token)\n[![downloads per month](https://img.shields.io/npm/dm/validate-azure-ad-token.svg)](https://www.npmjs.com/package/validate-azure-ad-token)\n[![issues](https://img.shields.io/github/issues/playerony/validate-azure-ad-token.svg)](https://www.npmjs.com/package/validate-azure-ad-token)\n[![license](https://img.shields.io/github/license/playerony/validate-azure-ad-token)](https://www.npmjs.com/package/validate-azure-ad-token)\n\nThis is a function that can be used to validate an access token received from Azure Active Directory. It is particularly useful when you're using a MSAL library to authenticate users on the frontend and you want to verify Microsoft tokens in the API.\n\n# Documentation\n\nFor more information about the required props to validate your token and the library itself, please refer to the **[API Documentation](https://playerony.github.io/validate-azure-ad-token)**\n\n# Installation\n\n```js\n  yarn add validate-azure-ad-token\n  npm install validate-azure-ad-token\n```\n\n# Validation Steps\n\n1. Verify if all required props are passed in.\n2. Decode the token using the **[jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken)** library.\n3. Send a request to `https://login.microsoftonline.com/{tenantId}/discovery/keys?appid={applicationId}` to receive all public keys unique to your `applicationId` and `tenantId`. This action is cached after one successful attempt.\n4. Verify all required access token claims: `aud`, `tid`,`iss`,`scp`, `appid`, `exp`.\n5. If the comparison succeeds, the token is valid.\n\n# Example\n\n```js\nconst validate = require('validate-azure-ad-token').default;\n\ntry {\n  const decodedToken = await validate('YOUR_MICROSOFT_ACCESS_TOKEN', {\n    tenantId: 'YOUR_TENANT_ID',\n    audience: 'YOUR_AUDIENCE_ID',\n    applicationId: 'YOUR_APPLICATION_ID',\n    scopes: 'YOUR_SCOPES', // for example [\"User.Read\"]\n  });\n\n  // DO WHATEVER YOU WANT WITH YOUR DECODED TOKEN\n} catch (error) {\n  // ALL ERRORS GONNA SHOW HERE AS A STRING VALUE\n}\n```\n\n# Usage\n\nIf you are using a **[@azure/msal-react](https://www.npmjs.com/package/@azure/msal-react)** or **[@azure/msal-browser](https://www.npmjs.com/package/@azure/msal-browser)** on the frontend site and you want to verify your Microsoft access token on your node server.\n\n# License\n\nThis project is licensed under the MIT License - see the LICENSE file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplayerony%2Fvalidate-azure-ad-token","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fplayerony%2Fvalidate-azure-ad-token","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplayerony%2Fvalidate-azure-ad-token/lists"}