!CI

Azure AD Verify Token

Verify JWT issued by Azure Active Directory B2C.

Table of Contents

- Features
- Installation
- Usage
- References
- Development

Features

- 🎉 Verify JWT issued by Azure Active Directory B2C.
- 🚀 Automatically use the rotated public keys from Azure.
- 💪 Written in TypeScript.
- ♻️ Configurable cache for public keys.

Installation

``bash
npm install azure-ad-verify-token --save
`

Usage

$3

`ts
import { verify, VerifyOptions } from 'azure-ad-verify-token';

const options: VerifyOptions = {
jwksUri:
'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1',
issuer:
'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/',
audience: '99d1275c-e805-483f-b832-600f8130829c',
};

verify(token, options)
.then((decoded) => {
// verified and decoded token
console.log(decoded);
})
.catch((error) => {
// invalid token
console.error(error);
});
`

Verify options:

| Property | Type | Description |
| ---------- | -------- | ----------------------------------------------------------- |
| jwksUri | string | jwk_uri value obtained from B2C policy metadata endpoint. |
| issuer | string | issuer value obtained from B2C policy metadata endpoint. |
| audience | string | Application ID of the application accessing the tenant. |

Example metadata endpoints:

- https://login.microsoftonline.com/common/.well-known/openid-configuration
- https://login.microsoftonline.com/common/discovery/keys

$3

`ts
import { setConfig } from 'azure-ad-verify-token';

setConfig({
cacheLifetime: 12 (60 60 * 1000), // 12 hours
});
`

Configuration options:

| Property | Type | Description | Default |
| --------------- | -------- | -------------------------------------------- | ------- |
| cacheLifetime | number | Number of milliseconds to cache public keys. | 1 hour |

References

- Overview of tokens in Azure Active Directory B2C
- Microsoft identity platform access tokens
- RSA Key Converter

Development

`
npm install
npm run build
``