On-User-Behalf flow (Microsoft Entra)
I'm trying better-auth for the first time and like it a lot. But I don't get my head around some behaviours and would be super happy if someone could just point me in the right direction.
I'm using Astro and Microsoft Entra only. No e-mail/password or other socials.
What I'm trying to achieve:
- [x] User can login with Microsoft entra
- [x] Add scopes to authentication
- [ ] Get access token to call Microsoft Graph (on-user-behalf flow)
- [ ] Create api endpoint to get access token client-side
- [ ] Refresh access token of Microsoft Entra automatically
My questions are the following:
- The only place in which I found the Microsoft Entra access token is the getUserInfo function. Is this the correct place to get it from? Should I save it in a cookie or append it to the User-object directly?
- Will the access token be refreshed or do I need to implement that myself?
- Do I need a database at all and if so, how can I use
*I searched the docs and this help forum but couldn't find the right answer.. Sorry if I just overlooked something. It seems such a common use-case.
*
I'm using Astro and Microsoft Entra only. No e-mail/password or other socials.
What I'm trying to achieve:
- [x] User can login with Microsoft entra
- [x] Add scopes to authentication
- [ ] Get access token to call Microsoft Graph (on-user-behalf flow)
- [ ] Create api endpoint to get access token client-side
- [ ] Refresh access token of Microsoft Entra automatically
My questions are the following:
- The only place in which I found the Microsoft Entra access token is the getUserInfo function. Is this the correct place to get it from? Should I save it in a cookie or append it to the User-object directly?
- Will the access token be refreshed or do I need to implement that myself?
- Do I need a database at all and if so, how can I use
@astro/db*I searched the docs and this help forum but couldn't find the right answer.. Sorry if I just overlooked something. It seems such a common use-case.
*Solution
So I switched over to Lucia and got it working.
I was following another help thread in here, which got a similar problem. You might find your solution here @mikewilliams : I cannot copy the link.. dont know why. Discord doesn't let me. The thread is called "RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15"
I was following another help thread in here, which got a similar problem. You might find your solution here @mikewilliams : I cannot copy the link.. dont know why. Discord doesn't let me. The thread is called "RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15"
Was this page helpful?
