Create proper documentation on supported Browsers and Identity Providers

[vladkosarev]

MSAL readme says - 'This library is suitable for use in a production environment. ' and since b2c has been GA for a long time that comes with a set of assumptions that don't seem to be true at all.

Current documentation is very confusing. For example https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/Using-msal.js-with-Internet-Explorer says 'This just works in production' which is obviously not the case according to #347. From what I can gather only Chrome and Firefox might be currently supported but that is not mentioned anywhere.

Identity Providers support seems to also be only partially working and there's no table to see what works and what doesn't. In #352 I mention Twitter not working but that's just what we tried. There's no way right now to know which providers are supported and which aren't.

All of this creates HUGE confusion when researching B2C as a viable solution. It is sold as GA and ready for production but it doesn't look like that's the case if MSAL is involved.

Is it possible to create documentation on supported Browsers and Identity Providers and put it right in README so that it is obvious to the customer if they should consider b2c at all? This would save your clients a ton of time.

Thanks.

[visualjeff]

I don't work for Microsoft but I do work for a big retailer that is injecting B2C into their commerce platform and I will say the documentation for MSAL is little sparse. But having said that B2C is much more that MSAL and our decision to step into implementing B2C didn't even factor in the MSAL library.

But you are correct. The documentation for MSAL needs to be stepped up. Working examples with different frameworks, etc...

[visualjeff]

BTW, When you say Identity Providers... From my understanding... With B2C the JWT token you receive back is always from AAD. When you setup your B2C tenant and ask it to auth with Facebook you won't receive a Facebook JWT token. Even though you see a Facebook authentication prompt.
The id_token returned is from AAD (not from Facebook) and it could include some additional information from Facebook. Depending on how you configure things with your B2C tenant. I guess you might say B2C is rewriting a JWT token behind the scene. I hope I made sense.

[visualjeff]

I just read #177. Interesting. I'll have to test this when I get in the office. Is there a B2C cors setting that needs to be set?

[vladkosarev]

@visualjeff thanks for your comments. For us MSAL was a requirement since we are using vuejs SPA for our UI. I actually converted our app to hellojs and that works much better with multiple browsers. I hope MS improves documentation so that others don't have to waste time to see if current library fits their use case.

[visualjeff]

Agreed. Microsoft needs a working example and test suite for each Javascript UI framework. I've been trying to integrate MSAL into ember.js. I have had some success but its an up hill climb.

[nehaagrawal]

@visualjeff vladkosarev we have released the fix for IE and edge browser in MSAL 0.2.2. Please check the release notes for more details.

[navyasric]

@vladbarosan FYI.
MSAL.js integrates with Azure AD v2.0 service and the Azure AD B2C service. Azure AD B2C in turn provides the access to social Identity providers such as Facebook, Twitter, etc which is documented on the B2C docs. The Readme overview has been updated to make this clear and adds a link to the B2C docs on Identity providers. We have also added information on browser support to our FAQs.