-
Notifications
You must be signed in to change notification settings - Fork 343
msal net 4.3
See Microsoft Authentication Library for .NET for updated documentation.
We are excited to announce the release of MSAL.NET 4.3 which brings one feature, and fixes bugs.
Brokers are applications, provided by Microsoft on Android and iOS (Microsoft Authenticator on iOS and Android, Intune Company Portal on Android). They enable:
- Single-Sign-On,
- Device identification, which is required by some conditional access policies (See Device management
- Application identification verification also required in some enterprise scenarios (See for instance Intune mobile application management, or MAM)
If you build an application that needs to work in tenants where conditional access is enabled, or if you want your users can benefit from a better experience, you should enable brokers. This is simple. you'll need to call WithBroker()
at the construction of the application. Then when the user signs-in interactively, they will be directed by Azure AD to install a broker from the store depending on the conditional access policies. When this is done, the next interactive authentication will use the broker.
For details, see https://aka.ms/msal-net-brokers for more information on platform specific settings required to enable the broker.
IPublicClientApplication application = PublicClientApplicationBuilder.Create(clientId)
.WithDefaultRedirectUri()
.WithBroker()
.Build();
Broker support is only available on iOS at this time. Microsoft Authenticator is supporting the microsoft identity platform v2.0 endpoint. When brokers are deployed for Android, MSAL.NET will also support brokers on Android with the same mechanism.
To assist in moving your ADAL.NET Xamarin iOS application to MSAL.NET, see this migration page for the code changes needed between ADAL.NET and MSAL.NET to target the iOS Broker.
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Maui Docs
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- High Availability
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code