MicrosoftProvider

Reference doc for the `MicrosoftProvider`.

Use this provider to authenticate with Microsoft. Supports both OAuth2 and OIDC.

Using OAuth

import { MicrosoftProvider } from "@openauthjs/openauth/provider/microsoft"

export default issuer({
  providers: {
    microsoft: MicrosoftProvider({
      tenant: "1234567890",
      clientID: "1234567890",
      clientSecret: "0987654321"
    })
  }
})

Using OIDC

import { MicrosoftOidcProvider } from "@openauthjs/openauth/provider/microsoft"

export default issuer({
  providers: {
    microsoft: MicrosoftOidcProvider({
      clientID: "1234567890"
    })
  }
})

Methods

MicrosoftOidcProvider

MicrosoftOidcProvider(config)

Parameters

config MicrosoftOidcConfig
The config for the provider.

Returns Provider

Create a Microsoft OIDC provider.

This is useful if you just want to verify the user’s email address.

MicrosoftOidcProvider({
  clientID: "1234567890"
})

MicrosoftProvider

MicrosoftProvider(config)

Parameters

config MicrosoftConfig
The config for the provider.

Returns Provider

Create a Microsoft OAuth2 provider.

MicrosoftProvider({
  tenant: "1234567890",
  clientID: "1234567890",
  clientSecret: "0987654321"
})

MicrosoftConfig

clientID string
clientSecret string
pkce? boolean
query? Record<string, string>
scopes string[]
tenant string

MicrosoftConfig.clientID

Type string

The client ID.

This is just a string to identify your app.

{
  clientID: "my-client"
}

MicrosoftConfig.clientSecret

Type string

The client secret.

This is a private key that’s used to authenticate your app. It should be kept secret.

{
  clientSecret: "0987654321"
}

MicrosoftConfig.pkce?

Type boolean

Default false

Whether to use PKCE (Proof Key for Code Exchange) for the authorization code flow. Some providers like x.com require this.

MicrosoftConfig.query?

Type Record<string, string>

Any additional parameters that you want to pass to the authorization endpoint.

{
  query: {
    access_type: "offline",
    prompt: "consent"
  }
}

MicrosoftConfig.scopes

Type string[]

A list of OAuth scopes that you want to request.

{
  scopes: ["email", "profile"]
}

MicrosoftConfig.tenant

Type string

The tenant ID of the Microsoft account.

This is usually the same as the client ID.

{
  tenant: "1234567890"
}

MicrosoftOidcConfig

clientID string
query? Record<string, string>
scopes? string[]

MicrosoftOidcConfig.clientID

Type string

The client ID.

This is just a string to identify your app.

{
  clientID: "my-client"
}

MicrosoftOidcConfig.query?

Type Record<string, string>

Any additional parameters that you want to pass to the authorization endpoint.

{
  query: {
    prompt: "consent"
  }
}

MicrosoftOidcConfig.scopes?

Type string[]

A list of OIDC scopes that you want to request.

{
  scopes: ["openid", "profile", "email"]
}