DustinHannon/Microsoft-Entra-ID

Microsoft Entra ID Authentication Application

A secure Node.js web application implementing Microsoft Entra ID (Azure AD) authentication with a minimalist black interface.

Features

  • Single Sign-On with Microsoft Entra ID
  • Secure session management
  • Rate limiting and security headers
  • Comprehensive logging
  • Automated deployment to Azure Web App

Prerequisites

  • Node.js 18.x or later
  • Microsoft Azure account
  • Microsoft Entra ID (Azure AD) application registration
  • Azure Web App service
  • GitHub account (for deployment)

Local Development Setup

  1. Clone the repository:
       git clone [repository-url]
       cd [repository-name]
  2. Install dependencies:
       npm install
  3. Create a .env file in the root directory with the following variables:
       CLIENT_ID=your_client_id
       TENANT_ID=your_tenant_id
       CLIENT_SECRET=your_client_secret
       REDIRECT_URI=http://localhost:3000/auth/callback
       SESSION_SECRET=your_session_secret
  4. Start the development server:
       npm run dev

The application will be available at http://localhost:3000

Microsoft Entra ID Setup

  1. Go to the Azure Portal (https://portal.azure.com)
  2. Navigate to Microsoft Entra ID > App registrations
  3. Click "New registration"
  4. Enter application details:
  5. After registration, note down:
    • Application (client) ID
    • Directory (tenant) ID
  6. Under "Certificates & secrets":
    • Create a new client secret
    • Copy the secret value immediately

Environment Variables

Variable         Description
CLIENT_ID        Microsoft Entra ID Application (client) ID
TENANT_ID        Microsoft Entra ID Directory (tenant) ID
CLIENT_SECRET    Microsoft Entra ID client secret
REDIRECT_URI     Authentication callback URL
SESSION_SECRET   Secret for session encryption
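
The check below is an added example, not code from this repository: it validates the five variables above before startup and rejects the README's your_* placeholders, plain-HTTP redirect URIs outside localhost, and short or reused session secrets. The function name validateAuthEnv, the 32-character minimum and the GUID format check are assumptions of this example.

```javascript
// Added example (not the project's app.js): fail-closed check of the README's five variables.
const REQUIRED = ['CLIENT_ID', 'TENANT_ID', 'CLIENT_SECRET', 'REDIRECT_URI', 'SESSION_SECRET'];
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const MIN_SESSION_SECRET_LENGTH = 32; // assumption: threshold chosen for this example
const LOCAL_HOSTS = new Set(['localhost', '127.0.0.1']);

// Returns a list of human-readable problems; an empty list means the config is usable.
function validateAuthEnv(env) {
  const problems = [];
  const ok = {};
  for (const name of REQUIRED) {
    const value = String(env[name] ?? '').trim();
    if (!value) problems.push(`${name} is not set`);
    // The README's .env template uses your_* placeholder values.
    else if (/^your_/i.test(value)) problems.push(`${name} still holds the template placeholder`);
    else ok[name] = value;
  }
  // Assumption: both IDs are the GUIDs noted down after app registration.
  for (const name of ['CLIENT_ID', 'TENANT_ID']) {
    if (ok[name] && !GUID.test(ok[name])) problems.push(`${name} is not a GUID`);
  }
  if (ok.REDIRECT_URI) {
    let url = null;
    try { url = new URL(ok.REDIRECT_URI); } catch { problems.push('REDIRECT_URI is not a valid URL'); }
    if (url) {
      const plainHttpLocal = url.protocol === 'http:' && LOCAL_HOSTS.has(url.hostname);
      if (url.protocol !== 'https:' && !plainHttpLocal) {
        problems.push('REDIRECT_URI must use https outside localhost');
      }
      if (url.hash) problems.push('REDIRECT_URI must not contain a fragment');
    }
  }
  if (ok.SESSION_SECRET && ok.SESSION_SECRET.length < MIN_SESSION_SECRET_LENGTH) {
    problems.push(`SESSION_SECRET is shorter than ${MIN_SESSION_SECRET_LENGTH} characters`);
  }
  if (ok.SESSION_SECRET && ok.SESSION_SECRET === ok.CLIENT_SECRET) {
    problems.push('SESSION_SECRET reuses CLIENT_SECRET');
  }
  return problems;
}

// Constructed sample: the README's .env template before any value is filled in.
const templateEnv = {
  CLIENT_ID: 'your_client_id', TENANT_ID: 'your_tenant_id', CLIENT_SECRET: 'your_client_secret',
  REDIRECT_URI: 'http://localhost:3000/auth/callback', SESSION_SECRET: 'your_session_secret',
};
console.log(validateAuthEnv(templateEnv).join('\n'));
```

In an application, call validateAuthEnv(process.env) before the server starts listening and exit when the returned list is not empty.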

GitHub Actions Deployment

Required Secrets

Set the following secrets in your GitHub repository:

Application Secrets

  • CLIENT_ID (Microsoft Entra ID Application Client ID)
  • TENANT_ID (Microsoft Entra ID Tenant ID)
  • CLIENT_SECRET (Microsoft Entra ID Client Secret)
  • REDIRECT_URI (Authentication callback URL)
  • SESSION_SECRET (Session encryption key)

Azure Deployment Secrets (Auto-configured)

The following secrets are automatically configured when you connect your GitHub repository to Azure Web App:

  • AZUREAPPSERVICE_CLIENTID_{ID}
  • AZUREAPPSERVICE_TENANTID_{ID}
  • AZUREAPPSERVICE_SUBSCRIPTIONID_{ID}

Deployment Steps

  1. Create an Azure Web App in the Azure Portal
  2. In the Azure Web App, go to Deployment Center
  3. Select GitHub as the source and connect your repository
  4. Azure will automatically configure the deployment workflow and required secrets
  5. Add the application secrets to GitHub Secrets
  6. Push to main branch to trigger deployment

Project Structure

├── .github/
│   └── workflows/
│       └── main_entraidlogin.yml
├── documents/
│   ├── api.md
│   ├── architecture.md
│   └── security.md
├── public/
│   ├── index.html
│   └── welcome.html
├── app.js
├── package.json
└── README.md

Security Features

  • Content Security Policy (CSP)
  • Security headers via Helmet
  • Rate limiting
  • Secure session management
  • Input validation
  • Error handling
  • Comprehensive logging

Documentation

Detailed documentation is available in the documents folder:

  • api.md
  • architecture.md
  • security.md

Development

# Install dependencies
npm install

# Run in development mode
npm run dev

# Run in production mode
npm start

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Commit your changes
  4. Push to the branch
  5. Create a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

Sample Login for Azure Entra ID
