A small Node.js Web API for Azure AD B2C that shows how to protect your web api and accept B2C access tokens using Passport.js.
Switch branches/tags
Nothing to show
Clone or download
Latest commit beead6d Jun 13, 2018
Failed to load latest commit information.
.gitignore Initial commit May 2, 2017
LICENSE Initial commit May 2, 2017
README.md Fixing metadata Jun 13, 2018
index.js Fix for Azure websites May 3, 2017
package.json Fix for Azure websites May 3, 2017
process.json Fix for Azure websites May 3, 2017


services platforms author

Node.js Web API with Azure AD B2C

This sample demonstrates how to protect a Node.js web API with Azure AD B2C using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, you will need to replace the client ID.

We have deployed this API to Azure to allow testing without running it locally. Checkout one of the apps in Next Steps to use it!

Steps to Run

  1. Clone the code.

    git clone https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi

  2. Make sure you've installed Node.

  3. Install the node dependencies:

    npm install && npm update
  4. Run the Web API! By default it will run on http://localhost:5000.

    node index.js

Next Steps

The /hello endpoint in this sample is protected so an authorized request to it requires an access token in the header. You can make authorized requests to this web API using an iOS App or Android App. Make sure to update the app configs if you want it to point to your local hello api.

Alternatively, you can register your own app and point to this web API.

Customize your user experience further by supporting more identity providers. Checkout the docs belows to learn how to add additional providers:






Questions & Issues

Please file any questions or problems with the sample as a GitHub issue. You can also post on Stackoverflow with the tag azure-ad-b2c. For OAuth2.0 library issues, please see note below.