From 32fe410029f15aff0a067423118e981d0d984710 Mon Sep 17 00:00:00 2001 From: Philzen Date: Wed, 11 Dec 2024 23:39:17 +0100 Subject: [PATCH] [docs] Add offline_access to implicit scopes added by msal-browser (#11764) --- docs/docs/auth/azure.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs/auth/azure.md b/docs/docs/auth/azure.md index 61477529fcb6..5635ef093116 100644 --- a/docs/docs/auth/azure.md +++ b/docs/docs/auth/azure.md @@ -107,11 +107,11 @@ To add roles exposed via the `roles` claim, follow [Add app roles to your applic ## `logIn` Options `options` in `logIn(options?)` is of type [RedirectRequest](https://azuread.github.io/microsoft-authentication-library-for-js/ref/types/_azure_msal_browser.RedirectRequest.html) and is a good place to pass in optional [scopes](https://docs.microsoft.com/en-us/graph/permissions-reference#user-permissions) to be authorized. -By default, MSAL sets `scopes` to [/.default](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#the-default-scope) which is built in for every application that refers to the static list of permissions configured on the application registration. Furthermore, MSAL will add `openid` and `profile` to all requests. In the example below we explicit include `User.Read.All` in the login scope. +By default, MSAL sets `scopes` to [/.default](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#the-default-scope) which is built in for every application that refers to the static list of permissions configured on the application registration. Furthermore, MSAL will add `openid`, `profile` and `offline_access` to all requests. In the example below we explicit include `User.Read.All` in the login scope. ```jsx await logIn({ - scopes: ['User.Read.All'], // becomes ['openid', 'profile', 'User.Read.All'] + scopes: ['User.Read.All'], // becomes ['openid', 'profile', 'offline_access', 'User.Read.All'] }) ```