![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 34%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E1%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,473 questions
Hello @VenkataRohithGanduri-6681,
Thanks for reaching out.
OWIN and MSAL both have different functionalities and are not replacement for each other. Please refer to this for migration - Migrate confidential client applications from ADAL.NET to MSAL.NET.
The OWIN packages are used by an ASP.NET app to authenticate users with the OpenID Connect and Cookies combo. They are used to authenticate the user in the app. Adding sign-in to a web app is about protecting the web app and validating a user token, which is what middleware libraries do. In the case of .NET, this scenario does not yet require the Microsoft Authentication Library (MSAL), which is about acquiring a token to call protected APIs.
In the other hand, for Web apps calling protected APIs, MSAL deals with token acquisition, not user authentication. So, if your app needs to call any API, eg., MS Graph API, you can use MSAL to get the access token for that, after the OpenID Connect package has finished authenticating the user and received an authorization code. MSAL can request for tokens and handles token caching and token refresh for you.
Hope this helps.
------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.