MicrosoftDocs
diff --git a/‎articles/active-directory/develop/media/quickstarts/angular-spa/quickstart-angular-spa-sign-in.png
26.6 KB b/‎articles/active-directory/develop/media/quickstarts/angular-spa/quickstart-angular-spa-sign-in.png
26.6 KB
diff --git a/‎articles/active-directory/develop/media/quickstarts/js-spa/quickstart-js-spa-sign-in.png
35.5 KB b/‎articles/active-directory/develop/media/quickstarts/js-spa/quickstart-js-spa-sign-in.png
35.5 KB
diff --git a/‎articles/active-directory/develop/media/quickstarts/react-SPA/quickstart-react-spa-sign-in.png
39.7 KB b/‎articles/active-directory/develop/media/quickstarts/react-SPA/quickstart-react-spa-sign-in.png
39.7 KB
diff --git a/‎articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md
Lines changed: 42 additions & 91 deletions b/‎articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md
Lines changed: 42 additions & 91 deletions
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: quickstart
 
-ms.date: 07/27/2023
+ms.date: 09/13/2023
 ms.author: henrymbugua
 ms.reviewer: j-mantu
 ms.custom: aaddev, "scenarios:getting-started", "languages:JavaScript", devx-track-js
@@ -17,133 +17,84 @@ ms.custom: aaddev, "scenarios:getting-started", "languages:JavaScript", devx-tra
 
 # Quickstart: Sign in users in a single-page app (SPA) and call the Microsoft Graph API using Angular
 
-In this quickstart, you download and run a code sample that demonstrates how a JavaScript Angular single-page application (SPA) can sign in users and call Microsoft Graph using the authorization code flow. The code sample demonstrates how to get an access token to call the Microsoft Graph API or any web API.
+This quickstart uses a sample Angular single-page app (SPA) to show you how to sign in users by using the [authorization code flow](/azure/active-directory/develop/v2-oauth2-auth-code-flow) with Proof Key for Code Exchange (PKCE) and call the Microsoft Graph API. The sample uses the [Microsoft Authentication Library for JavaScript](/javascript/api/@azure/msal-react) to handle authentication.
 
-See [How the sample works](#how-the-sample-works) for an illustration.
-
-This quickstart uses MSAL Angular v2 with the authorization code flow.
+In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample Angular SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work/school account, and sign out.
 
 ## Prerequisites
 
-* Azure subscription - [Create an Azure subscription for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F)
+* An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 * [Node.js](https://nodejs.org/en/download/)
-* [Visual Studio Code](https://code.visualstudio.com/download) or another code editor
-
-## Register your quickstart application
+* [Visual Studio 2022](https://visualstudio.microsoft.com/vs/) or [Visual Studio Code](https://code.visualstudio.com/)
 
-[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
+## Register the application in the Microsoft Entra admin center
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](../roles/permissions-reference.md#application-developer).
 1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
 1. Browse to **Identity** > **Applications** > **App registrations**.
 1. Select **New registration**.
-1. Enter a **Name** for your application. Users of your app might see this name, and you can change it later.
+1. When the **Register an application** page appears, enter a name for your application, such as *identity-client-app*.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
-1. Select **Register**. On the app **Overview** page, note the **Application (client) ID** value for later use.
+1. Select **Register**.
+1. The application's Overview pane displays upon successful registration. Record the **Application (client) ID** and **Directory (tenant) ID** to be used in your application source code.
+
+## Add a redirect URI
+
 1. Under **Manage**, select **Authentication**.
-1. Under **Platform configurations**, select **Add a platform**. In the pane that opens select **Single-page application**.
+1. Under **Platform configurations**, select **Add a platform**. In the pane that opens, select **Single-page application**.
 1. Set the **Redirect URIs** value to `http://localhost:4200/`. This is the default port NodeJS will listen on your local machine. We’ll return the authentication response to this URI after successfully authenticating the user.
 1. Select **Configure** to apply the changes.
 1. Under **Platform Configurations** expand **Single-page application**.
-1. Confirm that under **Grant types** ![Already configured](media/quickstart-v2-javascript/green-check.png) Your Redirect URI is eligible for the Authorization Code Flow with PKCE.
-
-#### Step 2: Download the project
-
-To run the project with a web server by using Node.js, [download the core project files](https://github.com/Azure-Samples/ms-identity-javascript-angular-spa/archive/main.zip).
-
-#### Step 3: Configure your JavaScript app
-
-In the *src* folder, open the *app* folder then open the *app.module.ts* file and update the `clientID`, `authority`, and `redirectUri` values in the `auth` object.
-
-```javascript
-// MSAL instance to be passed to msal-angular
-export function MSALInstanceFactory(): IPublicClientApplication {
-  return new PublicClientApplication({
-    auth: {
-      clientId: 'Enter_the_Application_Id_Here',
-      authority: 'Enter_the_Cloud_Instance_Id_Here/Enter_the_Tenant_Info_Here',
-      redirectUri: 'Enter_the_Redirect_Uri_Here'
-    },
-    cache: {
-      cacheLocation: BrowserCacheLocation.LocalStorage,
-      storeAuthStateInCookie: isIE, // set to true for IE 11     },
-  });
-}
-```
-
-Modify the values in the `auth` section as described here:
+1. Confirm that for **Grant types** ![Already configured](media/quickstart-v2-javascript/green-check.png), your **Redirect URI** is eligible for the Authorization Code Flow with PKCE.
 
-- `Enter_the_Application_Id_Here` is the **Application (client) ID** for the application you registered.
+## Clone or download the sample application
 
-   To find the value of **Application (client) ID**, go to the app registration's **Overview** page.
-- `Enter_the_Cloud_Instance_Id_Here` is the instance of the Azure cloud. For the main or global Azure cloud, enter `https://login.microsoftonline.com`. For **national** clouds (for example, China), see [National clouds](authentication-national-cloud.md).
-- `Enter_the_Tenant_info_here` is set to one of the following:
-  - If your application supports *accounts in this organizational directory*, replace this value with the **Tenant ID** or **Tenant name**. For example, `contoso.microsoft.com`.
+To obtain the sample application, you can either clone it from GitHub or download it as a .zip file.
 
-   To find the value of the **Directory (tenant) ID**, go to the app registration's **Overview** page.
-  - If your application supports *accounts in any organizational directory*, replace this value with `organizations`.
-  - If your application supports *accounts in any organizational directory and personal Microsoft accounts*, replace this value with `common`. **For this quickstart**, use `common`.
-  - To restrict support to *personal Microsoft accounts only*, replace this value with `consumers`.
+- To clone the sample, open a command prompt and navigate to where you wish to create the project, and enter the following command:
 
-   To find the value of **Supported account types**, go to the app registration's **Overview** page.
-- `Enter_the_Redirect_Uri_Here` is `http://localhost:4200/`.
+    ```console
+    git clone https://github.com/Azure-Samples/ms-identity-docs-code-javascript.git
+    ```
 
-The `authority` value in your *app.module.ts* should be similar to the following if you're using the main (global) Azure cloud:
+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/archive/refs/heads/main.zip)
 
-```javascript
-authority: "https://login.microsoftonline.com/common",
-```
+## Configure the project
 
-Scroll down in the same file and update the `graphMeEndpoint`.
-- Replace the string `Enter_the_Graph_Endpoint_Herev1.0/me` with `https://graph.microsoft.com/v1.0/me`
-- `Enter_the_Graph_Endpoint_Herev1.0/me` is the endpoint that API calls will be made against. For the main (global) Microsoft Graph API service, enter `https://graph.microsoft.com/` (include the trailing forward-slash). For more information, see the [documentation](/graph/deployments).
+1. In your IDE, open the project folder, *ms-identity-docs-code-javascript/angular-spa*, containing the sample.
+1. Open *src/app/app.module.ts* and replace the file contents with the following snippet:
 
-```javascript
-export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration {
-  const protectedResourceMap = new Map<string, Array<string>>();
-  protectedResourceMap.set('Enter_the_Graph_Endpoint_Herev1.0/me', ['user.read']);
+    :::code language="csharp" source="~/ms-identity-docs-code-javascript/angular-spa/src/app/app.module.ts":::
 
-  return {
-    interactionType: InteractionType.Redirect,
-    protectedResourceMap
-  };
-}
-```
+    * `TenantId` - The identifier of the tenant where the application is registered. Replace the text in quotes with the **Directory (tenant) ID** that was recorded earlier from the overview page of the registered application.
+    * `ClientId` - The identifier of the application, also referred to as the client. Replace the text in quotes with the **Directory (tenant) ID** value that was recorded earlier from the overview page of the registered application.
+    * `RedirectUri` - The **Redirect URI** of the application. If necessary, replace the text in quotes with the redirect URI that was recorded earlier from the overview page of the registered application.
 
- #### Step 4: Run the project
+## Run the application and sign in
 
 Run the project with a web server by using Node.js:
 
 1. To start the server, run the following commands from within the project directory:
+
     ```console
     npm install
     npm start
     ```
-1. Browse to `http://localhost:4200/`.
-
-1. Select **Login** to start the sign-in process and then call the Microsoft Graph API.
-
-    The first time you sign in, you're prompted to provide your consent to allow the application to access your profile and sign you in. After you're signed in successfully, click the **Profile** button to display your user information on the page.
-
-## More information
-
-### How the sample works
-
-![Diagram showing the authorization code flow for a single-page application.](media/quickstart-v2-javascript-auth-code/diagram-01-auth-code-flow.png)
-
-### msal.js
+1. Copy the https URL that appears in the terminal, for example, `https://localhost:4200`, and paste it into a browser. We recommend using a private or incognito browser session.
+1. Follow the steps and enter the necessary details to sign in with your Microsoft account. You'll be requested an email address so a one time passcode can be sent to you. Enter the code when prompted.
+1. The application will request permission to maintain access to data you have given it access to, and to sign you in and read your profile. Select **Accept**.
+1. The following screenshot appears, indicating that you have signed in to the application and have accessed your profile details from the Microsoft Graph API.
 
-The MSAL.js library signs in users and requests the tokens that are used to access an API that's protected by the Microsoft identity platform.
+    :::image type="content" source="./media/quickstarts/angular-spa/quickstart-angular-spa-sign-in.png" alt-text="Screenshot of JavaScript App depicting the results of the API call.":::
 
-If you have Node.js installed, you can download the latest version by using the Node.js Package Manager (npm):
+## Sign out from the application
 
-```console
-npm install @azure/msal-browser @azure/msal-angular@2
-```
+1. Find the **Sign out** link in the top right corner of the page, and select it.
+1. You'll be prompted to pick an account to sign out from. Select the account you used to sign in.
+1. A message appears indicating that you have signed out.
 
-## Next steps
+## Related content
 
-For a detailed step-by-step guide on building the auth code flow application using vanilla JavaScript, see the following tutorial:
+- [Quickstart: Protect an ASP.NET Core web API with the Microsoft identity platform](./quickstart-web-api-aspnet-core-protect-api.md)
 
-> [!div class="nextstepaction"]
-> [Tutorial to sign in users and call Microsoft Graph](tutorial-v2-javascript-auth-code.md)
+- Learn more by building this Angular SPA from scratch with the following series - [Tutorial: Sign in users and call Microsoft Graph](./tutorial-v2-angular-auth-code.md)