Migrate applications to the Microsoft Authentication Library (MSAL)

Many developers have built and deployed applications using the Azure Active Directory Authentication Library (ADAL). We now recommend using the Microsoft Authentication Library (MSAL) for authentication and authorization of Azure AD entities.

By using MSAL instead of ADAL:

  • You can authenticate a broader set of identities:
    • Azure AD identities
    • Microsoft accounts
    • Social and local accounts by using Azure AD B2C
  • Your users will get the best single-sign-on experience.
  • Your application can enable incremental consent.
  • Supporting Conditional Access is easier.
  • You benefit from innovation. Because all Microsoft development efforts are now focused on MSAL, no new features will be implemented in ADAL.

MSAL is now the recommended authentication library for use with the Microsoft identity platform.

Migration guidance

The following articles can help you migrate to MSAL:

Frequently asked questions (FAQ)

Q: Is ADAL being deprecated?
A: Yes. Starting June 30th, 2020, we will no longer add new features to ADAL. We'll continue adding critical security fixes to ADAL until June 30th, 2022. After this date, your apps using ADAL will continue to work, but we recommend upgrading to MSAL to take advantage of the latest features and to stay secure.

Q: Will my existing ADAL apps stop working?
A: No. Your existing apps will continue working without modification. If you're planning to keep them beyond June 30th, 2022, you should consider updating your apps to MSAL to keep them secure, but migrating to MSAL isn't required to maintain existing functionality.

Q: How do I know which of my apps are using ADAL?
A: If you have the source code for the application, you can reference the above migration guides to help determine which library the app uses and how to migrate it to MSAL. If you partnered with an ISV, we suggest you reach out to them directly to understand their migration journey to MSAL.

Q: Why should I invest in moving to MSAL?
A: MSAL contains new features not in ADAL including incremental consent, single sign-on, and token cache management. Also, unlike ADAL, MSAL will continue to receive security patches beyond June 30th, 2022. Learn more.

Q: Will Microsoft update its own apps to MSAL?
Yes. Microsoft is in the process of migrating its applications to MSAL by the end-of-support deadline, ensuring they'll benefit from MSAL's ongoing security and feature improvements.

Q: Will you release a tool that helps me move my apps from ADAL to MSAL?
A: No. Differences between the libraries would require dedicating resources to development and maintenance of the tool that would otherwise be spent improving MSAL. However, we do provide the preceding set of migration guides to help you make the required changes in your application.

Q: How does MSAL work with AD FS?
A: MSAL.NET supports certain scenarios to authenticate against AD FS 2019. If your app needs to acquire tokens directly from earlier version of AD FS, you should remain on ADAL. Learn more.

Q: How do I get help migrating my application?
A: See the Migration guidance section of this article. If, after reading the guide for your app's platform, you have additional questions, you can post on Microsoft Q&A with the tag [azure-ad-adal-deprecation] or open an issue in library's GitHub repository. See the Languages and frameworks section of the MSAL overview article for links to each library's repo.

Next steps