Migrate applications to Microsoft Authentication Library (MSAL)
Many developers have built and deployed applications using the Azure Active Directory Authentication Library (ADAL). We now recommend using the Microsoft Authentication Library (MSAL) for authentication and authorization of Azure AD entities.
By using MSAL instead of ADAL:
- You can authenticate a broader set of identities:
- Azure AD identities
- Microsoft accounts
- Social and local accounts by using Azure AD B2C
- Your users will get the best single-sign-on experience.
- Your application can enable incremental consent.
- Supporting Conditional Access is easier.
- You benefit from innovation. Because all Microsoft development efforts are now focused on MSAL, no new features will be implemented in ADAL.
MSAL is now the recommended authentication library for use with the Microsoft identity platform.
The following articles can help you migrate to MSAL:
- Migrate to MSAL.Android
- Migrate to MSAL.iOS / macOS
- Migrate to MSAL Java
- Migrate to MSAL.js
- Migrate to MSAL.NET
- Migrate to MSAL Python
- Migrate Xamarin apps using brokers to MSAL.NET
Frequently asked questions (FAQ)
Q: Is ADAL being deprecated?
A: Yes. Starting June 30th, 2020, we will no longer add new features to ADAL. We'll continue adding critical security fixes to ADAL until June 30th, 2022.
Q: How do I know which of my apps are using ADAL?
A: If you have the source code for the application, you can reference the above migration guides to help determine which library the app uses and how to migrate it to MSAL. If you don't have access to your application's source code, you can open a support request to obtain a list of your registered applications and the library each application uses.
Q: Will my existing ADAL apps continue to work?
A: Your existing apps will continue to work without modification. If you're planning to keep them beyond June 30th, 2022, you should consider updating them to MSAL to keep them secure, but migrating to MSAL isn't required to maintain existing functionality.
Q: Why should I invest in moving to MSAL?
A: MSAL contains new features not in ADAL including incremental consent, single sign-on, and token cache management. Also, unlike ADAL, MSAL will continue to receive security patches beyond June 30th, 2022. Learn more.
Q: Will you release a tool that helps me move my apps from ADAL to MSAL?
A: No. Differences between the libraries would require dedicating resources to development and maintenance of the tool that would otherwise be spent improving MSAL. However, we do provide the preceding set of migration guides to help you make the required changes in your application.
Q: How does MSAL work with AD FS?
A: MSAL.NET supports certain scenarios to authenticate against AD FS 2019. If your app needs to acquire tokens directly from earlier version of AD FS, you should remain on ADAL. Learn more.
Q: How do I get help migrating my application?
A: See the Migration guidance section of this article. If, after reading the guide for your app's platform, you have additional questions, you can post on Stack Overflow with the tag
[adal-deprecation] or open an issue in library's GitHub repository. See the Languages and frameworks section of the MSAL overview article for links to each library's repo.