File level authentication with MSAL via web browser

Question

Legacy app currently using secure Basic Authentication to establish file level access permission. How is file level access permission established using MSAL?

Answer 1

Hi @BennyStils ,

Thanks for reaching out.

MSAL is a library for authentication, not for authorization. It provides a way to obtain tokens that can be used to access protected resources, but it does not define how access to those resources is granted.

In order to establish file level access permission using MSAL, you would need to use an authorization mechanism that is compatible with MSAL. One such mechanism is OAuth 2.0, which is supported by the Microsoft identity platform.

To use OAuth 2.0 with MSAL, you would need to register your application with the Microsoft identity platform, and configure it to request the appropriate permissions to access the files you want to read or write. Once your application has obtained an access token, it can use that token to access the protected resources, such as files, on behalf of the user.

However, it's important to note that file level access permission is not established using MSAL itself, but rather through the authorization mechanism that you choose to use with MSAL.

Reference - https://learn.microsoft.com/en-us/entra/identity-platform/howto-implement-rbac-for-apps

Hope this will help.

Thanks,

Shweta

Please remember to "Accept Answer" if answer helped you.