When building a cloud app, one of the most common cross cutting concerns is the authentication of users. For some solutions, the security implementation is handled by the application itself. In this article, we explore the use of Azure Active Directory (AAD) to provide the security services for our web or mobile apps. The application we are building is a Node.js backend API with an AngularJS front end. We explore the following areas: • Create an AngularJS App and use Git to deploy to Azure • Add Azure Active Directory (AD) service authentication to protect our app • Discuss the limitation using simple AD authentication when enabling anonymous access to some routes. • Enhance our security by taking direct control of the Azure AD APIs in our code to consume the Jason Web Token (JWT) from the Azure Identity provider.