OpenID Connect and Azure AD - Demo App
This demo Node.js app shows how to use passport.js to implement OpenID Connect against Azure Active Directory (AD).
Try it out at https://oidc-demo.azurewebsites.net with any of the following test accounts:
First clone this repository
Configure Credentials as Environment Variables
If you want to try the demo locally you need to register an application with your Azure AD tenant. Once you've done that, note the client ID and secret.
For local development, create a .env file based on the template .env.sample and fill it out with your application values, especially the Azure AD Tenant IDs and the Client ID.
PORT=3000
TENANT_ID=
CLIENT_ID=
CLIENT_SECRET=
…
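A startup check for the four variables above, as an added example that is not part of the demo app's own code: it rejects a half-filled .env before the OIDC strategy is built and produces a log line that never contains the secret. The function names, the GUID format check and the v2.0 tenant-specific discovery URL are assumptions of this example.

```javascript
// Added example, not the demo app's code: fail-fast validation of the .env values.
// Assumption: TENANT_ID and CLIENT_ID are the GUIDs shown in the Azure portal.
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

function loadOidcConfig(env) {
  const errors = [];
  const port = Number(env.PORT || 3000);
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    errors.push('PORT must be an integer between 1 and 65535');
  }
  for (const name of ['TENANT_ID', 'CLIENT_ID']) {
    if (!GUID.test((env[name] || '').trim())) errors.push(`${name} must be a GUID`);
  }
  const clientSecret = (env.CLIENT_SECRET || '').trim();
  if (clientSecret === '') errors.push('CLIENT_SECRET is empty');
  if (errors.length > 0) {
    // Report variable names only; the secret value is never echoed.
    throw new Error('Invalid OIDC configuration: ' + errors.join('; '));
  }
  const tenantId = env.TENANT_ID.trim().toLowerCase();
  return {
    port,
    tenantId,
    clientId: env.CLIENT_ID.trim().toLowerCase(),
    clientSecret,
    // Assumption: v2.0 endpoint. A tenant-specific URL (not "common") keeps
    // sign-in and issuer validation pinned to this one tenant.
    metadataUrl: `https://login.microsoftonline.com/${tenantId}/v2.0/.well-known/openid-configuration`,
  };
}

// Log-safe description of the loaded configuration (secret is masked).
function safeSummary(cfg) {
  return `port=${cfg.port} tenant=${cfg.tenantId} client=${cfg.clientId} secret=[set]`;
}

// Constructed sample values, not real identifiers or credentials.
const sampleEnv = {
  PORT: '3000',
  TENANT_ID: '11111111-2222-3333-4444-555555555555',
  CLIENT_ID: 'AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE',
  CLIENT_SECRET: 'constructed-secret-value',
};
console.log(safeSummary(loadOidcConfig(sampleEnv)));
```
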
Configuring OAuth Client
In your AAD "App Registration", aka OAuth Client, make sure you enable the "ID Token", which our app expects as defined in
Note that despite the "Implicit grant" heading, this demo does not use implicit flow, but rather authorization code flow using client credentials sent via backend channels.
Generate Secrets for Session
If you open app/config/oidc.js you will notice the app requires encryption keys for the cookie. To help you out, you can use this helper to generate keys:
npm run generate-keys
Once you've configured everything, start up the Node.js application and the Redis server used as the session store.
docker-compose up --build