I'm trying to develop a Next.js app in which the user can log in with his/her Azure ID. After that, the email and other details from that token should be verified in my Node.js backend, and a custom token should be sent to the frontend for further authentication and authorization purposes. Can anyone help me with which libraries I should use and what the flow should be for this? I'm a beginner in web application development, and this is the first time I'm dealing with an authentication/authorization scenario. Any help would be appreciated :)
The email claim is an optional claim; you may refer to this documentation on how to fetch the email and other optional claims. Once the user is authenticated, you can get the email claim for the signed-in user via <>.getAccount().idTokenClaims.email, and you can get all other claims from the idTokenClaims properties for the signed-in user. There are multiple custom JWT token builder packages on NPM; you can use one to build a custom token like the one below with the claims from idTokenClaims and send it to your front end.
const njwt = require('njwt');
// Signing secret for the custom token: load it from configuration (e.g. an environment variable), never hard-code it in source
const signingKey = process.env.JWT_SIGNING_KEY;
// idTokenClaims are the claims of the signed-in user's Azure AD id token; copy over the ones your app needs
const claims = { iss: 'fun-with-jwts', sub: 'AzureDiamond', mail: idTokenClaims.email /* ...fill other claims that you need... */ };
const token = njwt.create(claims, signingKey); // njwt defaults to HS256 with the given secret
token.setExpiration(new Date().getTime() + 60 * 1000); // expires one minute from now
res.send(token.compact()); // send the serialized (header.payload.signature) token to the frontend
You can find all the relevant packages from Microsoft for your application, for both backend and front end, here.