📋 Microsoft Entra Documentation Changes

Daily summary for changes since May 20th 2026, 11:16 PM PDT

Report generated on May 21st 2026, 11:16 PM PDT

📊 Summary

12
Total Commits
0
New Files
1
Modified Files
0
Deleted Files
4
Contributors

📝 Modified Documentation Files

MODIFIED docs/identity-platform/tutorial-native-authentication-single-page-app-javascript-custom-headers.md
Modified by Derdus Kenga on May 21, 2026 8:45 AM
📖 View on learn.microsoft.com
+12 / -17 lines changed
Commit: review comments
Changes:
Before
After
---
title: Add custom headers to native auth requests in JavaScript SPAs
description: Learn how to attach custom x-* headers to native authentication requests in a React or Angular SPA to integrate fraud-detection SDKs with Microsoft Entra External ID.
author: kengaderdus
manager: dougeby
 
[!INCLUDE [applies-to-external-only](../external-id/includes/applies-to-external-only.md)]
 
This tutorial shows you how to attach custom `x-*` headers to native authentication network requests in a React or Angular single-page app (SPA). Use the `CustomAuthRequestInterceptor` from the native authentication JavaScript SDK to integrate third-party fraud and bot-detection SDKs such as Akamai, HUMAN, Prove, or ThreatMetrix.
 
The same interceptor pattern applies to both React and Angular apps. The code is identical; only the location of your app configuration file differs.
 
In this tutorial, you:
 
> [!div class="checklist"]
>
> - Understand the header naming rules that MSAL enforces.
> - Implement a `CustomAuthRequestInterceptor`.
> - Register the interceptor on your `CustomAuthConfiguration`.
> - Verify that your headers reach the intended endpoints.
---
title: Add custom headers to native authentication requests in JavaScript SPAs
description: Learn how to attach custom x-* headers to native authentication requests in a React or Angular SPA to integrate fraud-detection SDKs with Microsoft Entra External ID.
author: kengaderdus
manager: dougeby
 
[!INCLUDE [applies-to-external-only](../external-id/includes/applies-to-external-only.md)]
 
This tutorial shows you how to add custom `x-*` headers to native authentication network requests in a React or Angular single-page app (SPA). Use the `CustomAuthRequestInterceptor` from the native authentication JavaScript SDK to integrate third-party fraud and bot-detection SDKs.
 
In this tutorial, you:
 
> [!div class="checklist"]
>
> - Learn the header naming rules that our SDK enforces.
> - Register the interceptor on your app configuration.
> - Verify that your headers reach the intended endpoints.
 
## Prerequisites
 

🤖 This report was automatically generated by the Entra Docs Monitor

📧 Delivered to merill@merill.net

🔗 Visit Repository