This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 43%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKV%3C/text%3E%3C/svg%3E)
I have been thoroughly reading documentation and code examples on AD B2C, MSAL and other related topics, but I'm having a hard time figuring out how I can integrate AD B2C into the authentication and authorization for my Django Rest Framework backend.
We have a separate Angular SPA that calls the DRF API. The API should check if the request is authenticated and authorized to access it. Quite a common use case. However, the documentation examples and topics on Python only show how to integrate Flask or Django on their own, without an SPA, because Flask and regular Django use server-side rendering of templates.
So how can I make my backend API verify the access token that would come from the frontend with Azure AD B2C? Should I use the MSAL library for this, or should I use an OAuth library that's well integrated into DRF like django-oauth-toolkit? The documentation is very unclear in my opinion.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
I understand you are asking for guidance on how to integrate Azure AD B2C authentication and authorization into their Django Rest Framework (DRF) backend API, which is being called by a separate Angular SPA.
The Angular SPA will handle user authentication using Azure AD B2C. It will use the Microsoft Authentication Library (MSAL) to acquire access tokens. Once the user is authenticated, the SPA will receive an access token from Azure AD B2C. This token will be included in the Authorization header of requests made to the DRF API. The DRF backend will need to verify the access token received from the SPA to ensure that the request is authenticated and authorized.
You can use the django-oauth-toolkit library to implement OAuth2 authentication and authorization in your DRF backend. However, since you are already using Azure AD B2C for authentication and authorization, it might be simpler to use the MSAL library to obtain the access token and verify it in your DRF backend.
For your reference: https://learn.microsoft.com/en-us/entra/identity-platform/msal-overview
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.