Configure your app for ADAL authentication

This topic describes the steps for configuring your app for Azure Active Directory Authentication Library (ADAL) based authentication.

Azure authentication setup

You will need the following:


Ask your IT Admin whether or not you have a subscription for Microsoft Azure Rights Management and, have your IT Admin perform the steps below. If your organization does not have a subscription, you should have your IT admin create one. Also, your IT Admin should subscribe with a Work or school account, rather than a Microsoft account (i.e. Hotmail).

After signing up for Microsoft Azure:

Azure login

  • Browse down to the Active Directory application on the left side of the portal.

Select Active Directory

  • If you haven’t created a directory already, choose the New button located in the bottom left corner of the portal.

Select NEW

  • Select the Rights Management tab and ensure that the Rights Management Status is either Active, Unknown or Unauthorized. If the status is Inactive, choose the Activate button at the bottom, center portion of the portal and confirm your selection.


  • Now, create a new Native Application in your directory by selecting your directory, choosing Applications.


  • Then choose the Add button located in the bottom, center portion of the portal.

Select ADD

  • At the prompt choose Add an application my organization is developing.

Select Add an application my organization is developing

  • Name your application by selecting NATIVE CLIENT APPLICATION and choosing the Next button.

Name your app

  • Add a redirection URI and choose next. The redirection URI needs to be a valid URI and unique to your directory. For example, you could use something like

Add redirect URI

  • Select your application in the directory and choose CONFIGURE.



Copy the CLIENT ID and REDIRECT URI and store them for future use when configuring the RMS client.

  • Browse to the bottom of your application settings and choose the Add application button under permissions to other applications.


The Delegated Permissions that are shown for Windows Azure Active Directory are correct by default – only one option should be selected and that option is Sign in and read user profile.

Select Add application

  • Choose the plus button next to Microsoft Rights Management.

Select the + button

  • Now, choose the check mark located on the bottom left corner of the dialog.

Choose check mark

  • You’re now ready to add a dependency to your application for Azure RMS. To add the dependency, select the new Microsoft Rights Management Services entry under permissions to other applications and choose the Create and access protected content for users checkbox under the Delegated Permissions: drop box.

Setup permissions

  • Save your application to persist the changes by choosing the Save icon located on the bottom, center of the portal.

Select SAVE