Convert Figma logo to code with AI

AzureAD logomicrosoft-authentication-library-for-dotnet

Microsoft Authentication Library (MSAL) for .NET

1,369
337
1,369
221

Quick Overview

The Microsoft Authentication Library (MSAL) for .NET is a client-side library that provides authentication and authorization capabilities for .NET applications. It enables developers to easily integrate Azure Active Directory (Azure AD) and Microsoft Accounts (MSA) into their applications, allowing users to sign in and access protected resources.

Pros

  • Simplified Authentication: MSAL abstracts the complexity of authentication flows, allowing developers to focus on building their application's core functionality.
  • Multi-Platform Support: MSAL supports a wide range of .NET platforms, including .NET Core, .NET Standard, and Xamarin.
  • Seamless Integration: MSAL integrates well with the Microsoft identity platform, providing a smooth user experience for authentication and authorization.
  • Active Development and Support: The library is actively maintained by Microsoft and benefits from regular updates and bug fixes.

Cons

  • Limited Customization: While MSAL provides a lot of functionality out of the box, it may not offer the level of customization that some developers require for their specific use cases.
  • Dependency on Microsoft Identity Platform: MSAL is tightly coupled with the Microsoft identity platform, which may be a limitation for developers who need to integrate with other identity providers.
  • Learning Curve: Developers new to MSAL and the Microsoft identity platform may face a steeper learning curve compared to more generic authentication libraries.
  • Performance Overhead: Depending on the complexity of the application and the number of authentication requests, MSAL may introduce some performance overhead.

Code Examples

Here are a few code examples demonstrating the usage of MSAL for .NET:

Acquiring an Access Token

var app = PublicClientApplicationBuilder.Create("client_id")
    .WithRedirectUri("redirect_uri")
    .Build();

var result = await app.AcquireTokenInteractive(scopes)
    .ExecuteAsync();

string accessToken = result.AccessToken;

This code demonstrates how to acquire an access token using the AcquireTokenInteractive method, which prompts the user to sign in and consent to the requested scopes.

Acquiring a Token Silently

var app = PublicClientApplicationBuilder.Create("client_id")
    .WithRedirectUri("redirect_uri")
    .Build();

var result = await app.AcquireTokenSilent(scopes, account)
    .ExecuteAsync();

string accessToken = result.AccessToken;

This code shows how to acquire an access token silently, without prompting the user for credentials, using the AcquireTokenSilent method.

Calling a Protected API

var app = ConfidentialClientApplicationBuilder.Create("client_id")
    .WithClientSecret("client_secret")
    .WithRedirectUri("redirect_uri")
    .Build();

var result = await app.AcquireTokenForClient(scopes)
    .ExecuteAsync();

string accessToken = result.AccessToken;

using (var httpClient = new HttpClient())
{
    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
    var response = await httpClient.GetAsync("https://api.contoso.com/protected-resource");
    // Handle the response
}

This code demonstrates how to use MSAL to acquire an access token and then use it to call a protected API.

Getting Started

To get started with MSAL for .NET, follow these steps:

  1. Install the MSAL.NET package from NuGet:

    Install-Package Microsoft.Identity.Client
    
  2. Register your application in the Azure Portal to obtain the necessary configuration values (client ID, redirect URI, etc.).

  3. Initialize the MSAL application in your code:

    var app = PublicClientApplicationBuilder.Create("client_id")
        .WithRedirectUri("redirect_uri")
        .Build();
    
  4. Acquire an access token using one of the available methods, such as AcquireTokenInteractive or AcquireTokenSilent.

  5. Use the acquired access token to call a protected API:

    using (var httpClient = new HttpClient())
    {
        http
    

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Microsoft Authentication Library (MSAL) for .NET

The MSAL library for .NET is part of the Microsoft identity platform for developers (formerly named Azure AD) v2.0. It enables you to acquire security tokens to call protected APIs. It uses industry standard OAuth2 and OpenID Connect. The library also supports Azure AD B2C.

Quick links:

Conceptual documentationGetting StartedSample CodeAPI ReferenceSupportFeedback

Performance perspectives

Our documentation describes the approach to performance testing.

View some of the historical performance benchmark results in our dashboard.

Support SLA

MSAL.NET became Generally Available with MSAL.NET 3.0.8. Since MSAL.NET moved to version 4:

  • Major versions are supported for twelve months after the release of the next major version.
  • Minor versions older than N-1 are not supported.

Note Minor versions include bug fixes or features with non-breaking (additive) API changes. It is expected that applications using the library can upgrade through the IDE or CLI with no friction. We will not patch old minor versions of the library. When opening new issues, please confirm that you are using the latest minor version.

Using MSAL.NET

Where do I file issues

You can file new issues in this repository.

Community help and support

We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.

If you find a bug or have a feature request, please raise the issue on GitHub Issues.

Contribute

We welcome contributions and feedback. You can fork and clone the repo and start contributing now. Read our Contribution Guide for more information.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Security library

This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.z) ensures you get the latest security and feature enhancements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

Security reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com in as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bug Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly after receiving the information. We encourage you to get notifications of when security incidents occur by visiting the Microsoft Technical Security Notifications page and subscribing to Security Advisory Alerts.

Data collection

The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft's privacy statement. Our privacy statement is located at https://go.microsoft.com/fwlink/?LinkID=824704. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.

See the our telemetry documentation for an example of the telemetry collected by MSAL.NET.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Copyright © Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License").