How to migrate Owin to MSAL

18438213 1 Reputation point
2021-09-13T13:45:03.933+00:00

I have 2 queries please help me on that:
1.We have recently migrated our application to Azure AD (oauth v2)- for that we have used Microsoft.Owin dll's.And our application using client credential flow. How to migrate from Owin to MSAL(API's, Web app, Task schedulers).

2.ADAL security updates will stop from June 30,2022. But we are not using ADAL (ADAL.NET libraries not using). At the same time we are not using Microsoft.Identity.Client (MSAL.NET) libraries as well. And some other microsoft libraries we are using in our application(ex: microsoft.identitymodel, microsoft.Odata,microsoft.owin etc). That means still we need to update to MSAL?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,539 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,601 Reputation points
    2021-09-27T11:39:59.003+00:00

    Hello @VenkataRohithGanduri-6681,

    Thanks for reaching out.

    OWIN and MSAL both have different functionalities and are not replacement for each other. Please refer to this for migration - Migrate confidential client applications from ADAL.NET to MSAL.NET.

    The OWIN packages are used by an ASP.NET app to authenticate users with the OpenID Connect and Cookies combo. They are used to authenticate the user in the app. Adding sign-in to a web app is about protecting the web app and validating a user token, which is what middleware libraries do. In the case of .NET, this scenario does not yet require the Microsoft Authentication Library (MSAL), which is about acquiring a token to call protected APIs.

    In the other hand, for Web apps calling protected APIs, MSAL deals with token acquisition, not user authentication. So, if your app needs to call any API, eg., MS Graph API, you can use MSAL to get the access token for that, after the OpenID Connect package has finished authenticating the user and received an authorization code. MSAL can request for tokens and handles token caching and token refresh for you.

    Hope this helps.

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments