{"library":"remix-auth-microsoft","title":"Remix Auth Microsoft Strategy","description":"remix-auth-microsoft is a dedicated strategy for remix-auth that enables authentication against Microsoft Active Directory (work/school accounts) and personal Microsoft accounts (Skype, Xbox, Outlook.com). It extends remix-auth-oauth2 and simplifies the integration of Microsoft's OAuth 2.0 flow into Remix applications. The current stable version is 3.0.1, with major version releases often correlating with updates to its underlying remix-auth and remix-auth-oauth2 dependencies, alongside patch releases for bug fixes. Key differentiators include its tight integration with the Remix ecosystem via remix-auth, support for both Node.js and Cloudflare runtimes, and explicit guidance for multi-tenant and single-tenant configurations. It handles the intricacies of Microsoft's authentication endpoints, abstracting much of the OAuth 2.0 implementation details for developers, making it easier to implement secure Microsoft authentication flows in Remix applications.","language":"javascript","status":"active","last_verified":"Wed Apr 22","install":{"commands":["npm install remix-auth-microsoft"],"cli":null},"imports":["import { MicrosoftStrategy } from 'remix-auth-microsoft';","import { Authenticator } from 'remix-auth';","let profile = await MicrosoftStrategy.userProfile(accessToken);"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"// app/services/auth.server.ts\nimport { MicrosoftStrategy } from \"remix-auth-microsoft\";\nimport { Authenticator } from \"remix-auth\";\n\ninterface User {\n id: string;\n // ... other user properties\n}\n\nexport let authenticator = new Authenticator(/* SessionStorage */);\n\nlet microsoftStrategy = new MicrosoftStrategy(\n {\n clientId: process.env.MICROSOFT_CLIENT_ID ?? '',\n clientSecret: process.env.MICROSOFT_CLIENT_SECRET ?? '',\n redirectURI: process.env.MICROSOFT_REDIRECT_URI ?? 'http://localhost:3000/auth/microsoft/callback',\n tenantId: process.env.MICROSOFT_TENANT_ID, // optional for multi-tenant apps\n scopes: ['openid', 'profile', 'email', 'offline_access'], // recommended scopes\n prompt: 'select_account' // 'login', 'consent', 'none', 'select_account'\n },\n async ({ request, tokens, profile }) => {\n // Here you can fetch the user from your database or create a new user\n // based on the profile data from Microsoft.\n // `tokens` contains accessToken, refreshToken, idToken, etc.\n // `profile` contains basic user info parsed from the ID token or user info endpoint.\n\n // Example: Using a placeholder User.findOrCreate\n // It's crucial to use a reliable identifier like 'sub' from the ID token\n // or 'id' from the user profile, not email, to prevent spoofing.\n\n const userProfileId = profile.id; // or profile.sub from the ID token\n if (!userProfileId) {\n throw new Error(\"Could not get user ID from Microsoft profile.\");\n }\n\n // Replace with your actual user management logic\n const user = { id: userProfileId, email: profile.emails?.[0]?.value || 'unknown@example.com' };\n console.log(`Authenticated user: ${user.id} (${user.email})`);\n\n // The returned object is stored in the session by the authenticator\n return user;\n }\n);\n\nauthenticator.use(microsoftStrategy, \"microsoft\");\n\n// Example of a route to initiate authentication\n// app/routes/auth.microsoft.tsx\n// import type { ActionFunctionArgs } from \"@remix-run/node\";\n// import { redirect } from \"@remix-run/node\";\n// import { authenticator } from \"~/services/auth.server\";\n\n// export async function action({ request }: ActionFunctionArgs) {\n// return authenticator.authenticate(\"microsoft\", request, {\n// successRedirect: \"/dashboard\",\n// failureRedirect: \"/login\",\n// });\n// }","lang":"typescript","description":"Demonstrates how to set up the MicrosoftStrategy with Remix Auth, including environment variable usage for credentials, recommended scopes, and a basic user resolution logic. It also includes an example of an authenticator instance and how to use it with the strategy.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}