方案:单页应用程序Scenario: Single-page application

了解生成单页应用程序 (SPA) 所需的一切。Learn all you need to build a single-page application (SPA).

必备条件Prerequisites

在阅读本文之前,应熟悉以下概念:Before reading this article, you should be familiar with the following concepts:

入门Getting started

可以按 JavaScript SPA 快速入门创建第一个应用程序:You can create your first application by following the JavaScript SPA quickstart:

概述Overview

许多新式 Web 应用程序都是作为客户端单页应用程序构建的。Many modern web applications are built as client-side single-page applications. 开发人员使用 JavaScript 或 SPA 框架(如 Angular、Vue.js 和 React.js)进行编写。Developers write them by using JavaScript or a SPA framework such as Angular, Vue.js, and React.js. 这些应用程序在 Web 浏览器上运行,与传统的服务器端 Web 应用程序相比,它们具有不同的身份验证特征。These applications run on a web browser and have different authentication characteristics than traditional server-side web applications.

Microsoft 标识平台可让单页应用程序使用 OAuth 2.0 隐式流将用户登录,并获取用于访问后端服务或 Web API 的令牌。The Microsoft identity platform enables single-page applications to sign in users and get tokens to access back-end services or web APIs by using the OAuth 2.0 implicit flow. 隐式流允许应用程序获取 ID 令牌来表示已经过身份验证的用户以及调用受保护 API 所需的访问令牌。The implicit flow allows the application to get ID tokens to represent the authenticated user and also access tokens needed to call protected APIs.

单页应用程序

此身份验证流不包括使用 Electron 和 React-Native 之类的跨平台 JavaScript 框架的应用程序方案。This authentication flow does not include application scenarios that use cross-platform JavaScript frameworks such as Electron and React-Native. 它们需要使用其他功能才能与本机平台交互。They require further capabilities for interaction with the native platforms.

详情Specifics

若要为应用程序启用此方案,需要:To enable this scenario for your application, you need:

  • 通过 Azure Active Directory (Azure AD) 进行应用程序注册。Application registration with Azure Active Directory (Azure AD). 此注册需要启用隐式流并设置重定向 URI,方便令牌返回。This registration involves enabling the implicit flow and setting a redirect URI to which tokens are returned.
  • 带有注册的应用程序属性(例如应用程序 ID)的应用程序配置。Application configuration with the registered application properties, such as application ID.
  • 使用 Microsoft 身份验证库 (MSAL) 执行身份验证流以登录并获取令牌。Using Microsoft Authentication Library (MSAL) to do the authentication flow to sign in and acquire tokens.

后续步骤Next steps