Azure Active Directory authentication using OpenID

Latest version: 0.3.3 registry icon
Maintenance score
Safety score
Popularity score
Check your open source dependency risks. Get immediate insight about security, stability and licensing risks.
Version Suggest Low Medium High
0.3.3 0 0 0 0
0.3.2 0 0 0 0
0.3.1 0 0 0 0
0.3.0 0 0 0 0
0.2.0 0 0 0 0
0.1.1 0 0 0 0
0.1.0 0 0 0 0

Latest release:

0.3.3 - this version is safe to use because it has no known security vulnerabilities at this time. Find out if your coding project uses this component and get notified of any reported security vulnerabilities with Meterian-X Open Source Security Platform


Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.

MIT   -   MIT License

Not a wildcard

Not proprietary

OSI Compliant

Azure Active Directory OpenID

Build Status Hex Version License

Azure Active Directory authentication using OpenID.

This is a simple and opinionated OpenID authentication library for Azure Active Directory. The following decisions have been made:

  • The nonce has a timeout of 15 minutes
  • The callback will reject id_tokens with an iat that is more than 6 minutes old


The package can be installed by adding azure_ad_openid to your list of dependencies in mix.exs:

def deps do
    {:azure_ad_openid, "~> 0.2"},

Basic Usage

This library can be used with or without the standard Elixir configuration. If you want to use it with configuration set the following in your config files:

config :azure_ad_openid, AzureADOpenId,
  tenant: <your tenant>,
  client_id: <your client_id>,
  client_secret: <>, # only needed to generate access tokens
  aud: <> # used to overide client_id as the value for aud

If you don't setup the config, you will need to pass these values in manually at runtime. For example to get the authorization url:

config = [tenant: <your tenant>, client_id: <your client_id>]
AzureADOpenId.authorize_url!(<redirect_uri>, config)

The following is a simple example of a Phoenix authentication controller that uses this library:

defmodule MyAppWeb.AuthController do
  use MyAppWeb, :controller

  alias AzureADOpenId

  def login(conn, _) do
    base_uri = Application.get_env(:my_app, :base_uri)
    redirect_uri = "#{base_uri}/auth/callback"
    redirect conn, external: AzureADOpenId.authorize_url!(redirect_uri)

  def callback(conn, _) do
    {:ok, claims} = AzureADOpenId.handle_callback!(conn)

    |> put_session(:user_claims, claims)
    |> redirect(to: "/")

  def logout(conn, _) do
    |> put_session(:user_claims, nil)
    |> redirect(external: AzureADOpenId.logout_url())


The docs can be found at .


The following repository was used as a base for the AzureAD authentication:


Please see LICENSE for licensing details.