Tutorial: Enable your React single-page application to sign-in users and call APIs with the Microsoft identity platform
The Microsoft identity platform, along with Azure Active Directory (Azure AD) and Azure Azure Active Directory B2C (Azure AD B2C) are central to the Azure cloud ecosystem. This tutorial aims to take you through the fundamentals of modern authentication with React, using the Microsoft Authentication Library for React (MSAL React).
We recommend following the chapters in successive order. However, the code samples are self-contained, so feel free to pick samples by topics that you may need at the moment.
ℹ️ Samples in this tutorial use functional React components. If you want to use MSAL React with class-based React components, see: Docs: Class Components
- Node.js
- Visual Studio Code
- A modern web browser (to use popup experience during sign-in and token acquisition, your browser should allow popups.)
Please refer to each sample's README for sample-specific prerequisites.
- jwt.ms for inspecting your tokens
- Fiddler for monitoring your network activity and troubleshooting
- Check MSAL.js FAQ and MSAL React FAQ for your questions
- Follow the Azure AD Blog to stay up-to-date with the latest developments
Please refer to each sample's README for sample-specific recommendations.
Alternatively, choose below the sample you want to review.
 |
Sign-in with Azure AD Sign-in your users with the Azure AD and learn to work with ID Tokens. Learn how single sign-on (SSO) works. Learn to secure your apps to operate in national clouds. |
 |
Sign-in with Azure AD B2C Sign-in your customers with Azure AD B2C. Learn to integrate with external social identity providers. Learn how to use user-flows and custom policies. |
 |
Updated: Get an Access Token from Azure AD and call Microsoft Graph Authenticate your users and acquire an Access Token for Microsoft Graph and then call the Microsoft Graph API. |
 |
Updated: Protect and call a web API on Azure AD Protect your web API with the Azure AD. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected web API. |
 |
Protect and call a web API on Azure AD B2C Protect your web API with Azure AD B2C. Use a client application to sign-in a user, acquire an Access Token for your web API and call your protected web API. |
 |
Deploy to Azure Storage and App Service Prepare your SPA for deployment to Azure storage and your API to App Service. Learn how to package and upload your files. Learn how to configure authentication parameters and use Azure services for managing your operations. |
 |
Deploy to Azure Static Web Apps Prepare your app for deployment to Azure Static Web Apps. Learn how to protect and call an Azure Function API. Learn how to configure authentication parameters and use Azure services for managing your operations. |
 |
Updated: Use App Roles for access control Define App Roles and use roles claim in a token to implement Role-based Access Control (RBAC) for your SPA and protected web API. |
 |
Updated: Use Security Groups for access control Create Security Groups and use groups claim in a token to implement Role-based Access Control (RBAC) for your SPA and protected web API. Handle overage scenarios. |
 |
Updated: Call a web API that calls Microsoft Graph on behalf of a user Enhance your protected web API to acquire an Access Token for Microsoft Graph on-behalf-of a user signed-in to the client app. Enable Conditional Access for your downstream API and handle MFA requirement. |
 |
Updated: Call a web API using Proof of Possession tokens Acquire proof of possession (PoP) tokens. Learn how to prevent token replay attacks with PoP authentication scheme. Learn how to validate PoP tokens. |
 |
Updated: Use Conditional Access Authentication Context Enable conditional access for your web API. Use auth context to implement granular access control to resources. Handle claims challenge in client applications. |
Learn more about the Microsoft identity platform:
- Microsoft identity platform
- Azure Active Directory B2C
- Overview of Microsoft Authentication Library (MSAL)
- Application types for Microsoft identity platform
- Understanding Azure AD application consent experiences
- Understand user and admin consent
- Application and service principal objects in Azure Active Directory
- Microsoft identity platform best practices and recommendations
See more code samples: