Get a complete list of apps using ADAL in your tenant

Support for Active Directory Authentication Library (ADAL) will end in December, 2022. Apps using ADAL on existing OS versions will continue to work, but technical support and security updates will end. Without continued security updates, apps using ADAL will become increasingly vulnerable to the latest security attack patterns. For more information, see Migrate apps to MSAL. This article provides guidance on how to use Azure Monitor workbooks to obtain a list of all apps that use ADAL in your tenant.

s workbook

Workbooks are a set of queries that collect and visualize information that is available in Azure Active Directory (Azure AD) logs. Learn more about the sign-in logs schema here. The Sign-ins workbook in the Azure portal now has a table to assist you in determining which applications use ADAL and how often they are used. First, we’ll detail how to access the workbook before showing the visualization for the list of applications.

Step 1: Send Azure AD sign-in events to Azure Monitor

Azure AD doesn't send sign-in events to Azure Monitor by default, which the Sign-ins workbook in Azure Monitor requires.

Configure AD to send sign-in events to Azure Monitor by following the steps in Integrate your Azure AD sign-in and audit logs with Azure Monitor. In the Diagnostic settings configuration step, select the SignInLogs check box.

No sign-in event that occurred before you configure Azure AD to send the events to Azure Monitor will appear in the Sign-ins workbook.

Step 2: Access sign-ins workbook in Azure portal

Once you've integrated your Azure AD sign-in and audit logs with Azure Monitor as specified in the Azure Monitor integration, access the sign-ins workbook:

  1. Sign into the Azure portal
  2. Navigate to Azure Active Directory > Monitoring > Workbooks
  3. In the Usage section, open the Sign-ins workbook

Screenshot of the Azure portal workbooks interface highlighting the sign-ins workbook.

Step 3: Identify apps that use ADAL

The table at the bottom of the Sign-ins workbook page lists apps that recently used ADAL. You can also export a list of the apps. Update these apps to use MSAL.

Screenshot of sign-ins workbook displaying apps that use Active Directory Authentication Library.

If there are no apps using ADAL, the workbook will display a view as shown below.

Screenshot of sign-ins workbook when no app is using Active Directory Authentication Library.

Step 4: Update your code

After identifying your apps that use ADAL, migrate them to MSAL depending on your application type as illustrated below.

Single-page app (SPA)

Next steps

For more information about MSAL, including usage information and which libraries are available for different programming languages and application types, see: