Search code examples
azure-active-directoryadalazure-ad-msal

ADAL and MSAL confusion

My References

According to this,

Starting June 30th, 2020 we will no longer add any new features to Azure Active Directory Authentication Library (ADAL) and Azure AD Graph. We will continue to provide technical support and security updates but we will no longer provide feature updates. Applications will need to be upgraded to Microsoft Authentication Library (MSAL) and Microsoft Graph. Learn more

And this,

Starting June 30th, 2022, we will end support for ADAL and Azure AD Graph and will no longer provide technical support or security updates. Apps using Azure AD Graph after this time will no longer receive responses from the Azure AD Graph endpoint. Apps using ADAL on existing OS versions will continue to work after this time but will not get any technical support or security updates.

and this link,

using Microsoft.IdentityModel.Clients.ActiveDirectory; // ADAL
using Microsoft.Identity.Client; // MSAL

ADAL should be replaced by MSAL. However, my project does not reference either of the above libraries.

These are the references I have in my project.

Microsoft.IdentityModel.JsonWebTokens
Microsoft.IdentityModel.Protocols.OpenIdConnect
Microsoft.IdentityModel.Tokens
Microsoft.Owin
Microsoft.Owin.Security
Microsoft.Owin.Security.Cookies
Microsoft.Owin.Security.OpenIdConnect
Owin

Questions

The more I read about this topic the more I get confused because one minute I'm under the impression that ADAL is only authorization and not authentication and the next minute I see it referred to as ADAL Authentication. I just want to know if I need to update my authentication code for it to continue working.

  • Since my project does not reference Microsoft.IdentityModel.Clients.ActiveDirectory and only uses Azure AD for authentication and not authorization, does this mean this change will not affect me?
  • ADAL and MSAL are only for authorization and not authentication correct? If this is the case, why do they reference MSAL and Microsoft Graph, what is the difference?
Solution

  • Since you did not use either of the libraries(Microsoft.IdentityModel.Clients.ActiveDirectory and Microsoft.Identity.Client) and you only use Azure AD for authentication, so I don't think this change will affect your project.

    For your question about why they reference MSAL and Microsoft Graph but not ADAL and Azure AD Graph. In fact, the two are similar and changes are minor. You can refer to this document to know the differences between them.