Get a complete list of apps using ADAL in your tenant

Support for Active Directory Authentication Library (ADAL) will end in December, 2022. Apps using ADAL on existing OS versions will continue to work, but technical support and security updates will end. Without continued security updates, apps using ADAL will become increasingly vulnerable to the latest security attack patterns. For more information, see Migrate apps to MSAL. This article provides guidance on how to use Azure Monitor workbooks to obtain a list of all apps that use ADAL in your tenant.

Sign-ins workbook

Workbooks are a set of queries that collect and visualize information that is available in Azure Active Directory (Azure AD) logs. Learn more about the sign-in logs schema here. The Sign-ins workbook in the Azure portal now has a table to assist you in determining which applications use ADAL and how often they are used. First, we’ll detail how to access the workbook before showing the visualization for the list of applications.

Step 1: Send Azure AD sign-in events to Azure Monitor

Azure AD doesn't send sign-in events to Azure Monitor by default, which the Sign-ins workbook in Azure Monitor requires.

Configure AD to send sign-in events to Azure Monitor by following the steps in Integrate your Azure AD sign-in and audit logs with Azure Monitor. In the Diagnostic settings configuration step, select the SignInLogs check box.

No sign-in event that occurred before you configure Azure AD to send the events to Azure Monitor will appear in the Sign-ins workbook.

Step 2: Access sign-ins workbook in Azure portal

Once you've integrated your Azure AD sign-in and audit logs with Azure Monitor as specified in the Azure Monitor integration, access the sign-ins workbook:

1. Sign into the Azure portal
2. Navigate to Azure Active Directory > Monitoring > Workbooks
3. In the Usage section, open the Sign-ins workbook

Step 3: Identify apps that use ADAL

The table at the bottom of the Sign-ins workbook page lists apps that recently used ADAL. You can also export a list of the apps. Update these apps to use MSAL.

If there are no apps using ADAL, the workbook will display a view as shown below.

Step 4: Update your code

After identifying your apps that use ADAL, migrate them to MSAL depending on your application type as illustrated below.

Single-page app (SPA)

• ADAL.js to MSAL.js

Web app

• ADAL Node to MSAL Node
• ADAL.NET to MSAL.NET

Web API

• ADAL Java to MSAL Java
• ADAL Python to MSAL Python
• ADAL.NET to MSAL.NET

Desktop app

• ADAL Java to MSAL Java
• ADAL Python to MSAL Python
• ADAL.NET to MSAL.NET

Mobile app

• ADAL.Android to MSAL.Android
• ADAL.iOS to MSAL.iOS
• Xamarin Android using brokers to MSAL.NET
• Xamarin iOS using brokers to MSAL.NET

Service / daemon app

• ADAL Python to MSAL Python
• ADAL.NET to MSAL.NET
• ADAL Node to MSAL Node
• ADAL Java to MSAL Java

Next steps

For more information about MSAL, including usage information and which libraries are available for different programming languages and application types, see:

• Acquire and cache tokens using MSAL
• Application configuration options
• List of MSAL authentication libraries