You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: msal-javascript-conceptual/node/certificate-credentials.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,7 +42,7 @@ See the MSAL sample: [auth-code-with-certs](https://github.com/AzureAD/microsoft
42
42
43
43
### Registering certificates
44
44
45
-
If you do not have a certificate, you can create a self-signed certificate [using PowerShell](https://learn.microsoft.com/powershell/module/pki/new-selfsignedcertificate?view=windowsserver2022-ps) or using [Azure KeyVault](https://azure.microsoft.com/products/key-vault#layout-container-uida0cf).
45
+
If you do not have a certificate, you can create a self-signed certificate [using PowerShell](/powershell/module/pki/new-selfsignedcertificate?view=windowsserver2022-ps) or using [Azure KeyVault](https://azure.microsoft.com/products/key-vault#layout-container-uida0cf).
46
46
47
47
You need to upload your certificate to **Microsoft Entra ID**.
48
48
@@ -51,7 +51,7 @@ You need to upload your certificate to **Microsoft Entra ID**.
51
51
3. Click on **Upload** certificate and select the certificate file to upload (e.g. *example.crt*).
52
52
4. Click **Add**. Once the certificate is uploaded, the *thumbprint*, *start date*, and *expiration* values are displayed.
53
53
54
-
For more information, see: [Register your certificate with Microsoft identity platform](https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-microsoft-identity-platform)
54
+
For more information, see: [Register your certificate with Microsoft identity platform](/entra/identity-platform/certificate-credentials#register-your-certificate-with-microsoft-identity-platform)
55
55
56
56
### Initializing MSAL Node with certificates
57
57
@@ -166,7 +166,7 @@ function convertPFX(pfx, passphrase = null) {
166
166
167
167
### (Optional) Creating an HTTPS server
168
168
169
-
The OAuth 2.0 protocol recommends using an HTTPS connection whenever possible. Most cloud services like Azure App Service will provide HTTPS connection by default via proxy. If for testing purposes you would like to setup your own HTTPS server, see the [Node.js HTTPS guide](https://nodejs.org/knowledge/HTTP/servers/how-to-create-a-HTTPS-server/).
169
+
The OAuth 2.0 protocol recommends using an HTTPS connection whenever possible. Most cloud services like Azure App Service will provide HTTPS connection by default via proxy. If for testing purposes you would like to setup your own HTTPS server, see the [Node.js HTTPS guide](/dotnet/framework/wcf/feature-details/how-to-view-certificates-with-the-mmc-snap-in).
170
170
171
171
You'll also need to add your self-signed certificates to the *credential manager* / *key chain* of your **OS** to bypass the browser's security policy. You may still see a warning in your browser afterwards (e.g. Chrome).
172
172
@@ -228,4 +228,4 @@ const cca = new msal.ConfidentialClientApplication(config);
|`clientId`| App ID of your application. Can be found in your app registration in the Microsoft Entra admin center[portal registration](../README.md#prerequisites). | UUID/GUID | None. This parameter is required in order for MSAL to perform any actions. |
85
+
|`clientId`| App ID of your application. Can be found in your app registration in the Microsoft Entra admin center app registration. | UUID/GUID | None. This parameter is required in order for MSAL to perform any actions. |
86
86
|`authority`| URI of the tenant to authenticate and authorize with. Usually takes the form of `https://{uri}/{tenantid}`| String in URI format with tenant - `https://{uri}/{tenantid}`|`https://login.microsoftonline.com/common`|
87
87
|`knownAuthorities`| An array of URIs that are known to be valid. Used in B2C scenarios. | Array of strings in URI format | Empty array `[]`|
88
88
|`cloudDiscoveryMetadata`| A string containing the cloud discovery response. Used in Microsoft Entra scenarios. See [Performance](../browser/performance.md) for more info | string | Empty string `""`|
89
89
|`authorityMetadata`| A string containing the .well-known/openid-configuration endpoint response. See [Performance](../browser/performance.md) for more info | string | Empty string `""`|
90
90
|`clientCapabilities`| Array of capabilities to be added to all network requests as part of the `xms_cc` claims request | Array of strings |[]|
91
91
|`protocolMode`| Enum representing the protocol mode to use. If `"AAD"`, will function on the Microsoft Entra v2 endpoints; if `"OIDC"`, will function on OIDC-compliant endpoints. | string |`"AAD"`|
92
-
|`azureCloudOptions`| A defined set of azure cloud options for developers to default to their specific cloud authorities, for specific clouds supported please refer to the [AzureCloudInstance](aka.ms/msaljs/azure_cloud_instance)|[AzureCloudOptions](/javascript/api/@azure/msal-node/#azurecloudoptions)|[AzureCloudInstance.None](msaljs/azure_cloud_instance)|
92
+
|`azureCloudOptions`| A defined set of azure cloud options for developers to default to their specific cloud authorities, for specific clouds supported please refer to the [AzureCloudInstance](https://azuread.github.io/microsoft-authentication-library-for-js/ref/types/_azure_msal_node.AzureCloudInstance.html)|[AzureCloudOptions](/javascript/api/@azure/msal-node/#azurecloudoptions)|[AzureCloudInstance.None](msaljs/azure_cloud_instance)|
93
93
|`skipAuthorityMetadataCache`| A flag to choose whether to use the local metadata cache during authority initialization. Metadata cache would be used if no authority metadata is provided in configuration and before a network call for metadata has been made | boolean |`false`|
Copy file name to clipboardExpand all lines: msal-javascript-conceptual/node/faq.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -80,7 +80,7 @@ If you want to work around this, please note:
80
80
81
81
### How do I implement self-service sign-up with MSAL Node?
82
82
83
-
MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](/javascript/api/@azure/msal-node/authorizationurlrequest) for supported prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to be made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments.
83
+
MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](/javascript/api/@azure/msal-node/authorizationurlrequest) for supported prompt values in the request and their expected outcomes, and [here](https://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to be made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments.
84
84
85
85
### Why doesn't my app function correctly when it's running behind a proxy?
86
86
@@ -94,9 +94,9 @@ Developers can use a custom http(s) agent by providing a `customAgentOptions` ob
94
94
95
95
### How do I handle the password-reset user-flow?
96
96
97
-
The [new password reset experience](https://docs.microsoft.com/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-user-flow#self-service-password-reset-recommended) is now part of the sign-up or sign-in policy. When the user selects the **Forgot your password?** link, they are immediately sent to the Forgot Password experience.
97
+
The [new password reset experience](/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-user-flow#self-service-password-reset-recommended) is now part of the sign-up or sign-in policy. When the user selects the **Forgot your password?** link, they are immediately sent to the Forgot Password experience.
98
98
99
-
Our recommendation is to move to the new password reset experience since it simplifies the app state and reduces error handling on the user-end. If for some reason you have to use the legacy password-reset user-flow, you'll have to handle the `AADB2C90118` error code returned from B2C service when a user selects the **Forgot your password?** link. To see how this is done, refer to the sample: [MSAL Node B2C web app sample (using auth code)](../../../samples/msal-node-samples/b2c-user-flows/README.md)
99
+
Our recommendation is to move to the new password reset experience since it simplifies the app state and reduces error handling on the user-end. If for some reason you have to use the legacy password-reset user-flow, you'll have to handle the `AADB2C90118` error code returned from B2C service when a user selects the **Forgot your password?** link. To see how this is done, refer to the sample: [MSAL Node B2C web app sample (using auth code)](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/b2c-user-flows)
0 commit comments