Microsoft Entra ID
Resources
Section titled “Resources”Environment variables
Section titled “Environment variables”MICROSOFT_CLIENT_ID=MICROSOFT_CLIENT_SECRET=
Callback URL
Section titled “Callback URL”Under your app registration’s “Authentication” settings, you need to add a “Web” platform and configure the redirect URI.
/api/auth/microsoft/callback
Microsoft allows adding multiple redirect URIs, so add both your development and production URLs.
Config
Section titled “Config”The openid
, profile
, email
, and User.Read
scopes are requested by default.
import process from 'node:process'import { createAuth } from '@rttnd/gau/core'import { Microsoft } from '@rttnd/gau/oauth';
export const auth = createAuth({ providers: [ Microsoft({ clientId: process.env.MICROSOFT_CLIENT_ID, clientSecret: process.env.MICROSOFT_CLIENT_SECRET, }), ],});
Extra config
Section titled “Extra config”Property | Type | Default | Description |
---|---|---|---|
tenant | string | "common" | The Microsoft Entra ID tenant to use. "common" works with both personal and work/school accounts. Other options include "organizations" (work/school accounts only) or a specific tenant ID. |