Get a complete list of apps using ADAL in your tenant

Azure Active Directory Authentication Library (ADAL) has been deprecated. While existing apps that use ADAL continue to work, Microsoft will no longer release security fixes on ADAL. Use the Microsoft Authentication Library (MSAL) to avoid putting your app's security at risk. If you have existing applications that use ADAL, be sure to migrate them to MSAL. This article provides guidance on how to use Azure Monitor workbooks to obtain a list of all apps that use ADAL in your tenant.

s workbook

Workbooks are a set of queries that collect and visualize information that is available in Microsoft Entra logs. Learn more about the sign-in logs schema here. The Sign-ins workbook in the Azure portal now has a table to assist you in determining which applications use ADAL and how often they are used. First, we’ll detail how to access the workbook before showing the visualization for the list of applications.

Step 1: Send Microsoft Entra sign-in events to Azure Monitor

Microsoft Entra ID doesn't send sign-in events to Azure Monitor by default, which the Sign-ins workbook in Azure Monitor requires.

Configure AD to send sign-in events to Azure Monitor by following the steps in Integrate your Microsoft Entra sign-in and audit logs with Azure Monitor. In the Diagnostic settings configuration step, select the SignInLogs check box.

No sign-in event that occurred before you configure Microsoft Entra ID to send the events to Azure Monitor will appear in the Sign-ins workbook.

Step 2: Access sign-ins workbook in Azure portal


Steps in this article may vary slightly based on the portal you start from.

Once you've integrated your Microsoft Entra sign-in and audit logs with Azure Monitor as specified in the Azure Monitor integration, access the sign-ins workbook:

  1. Sign in to the Microsoft Entra admin center as at least a Reports Reader.
  2. Browse to Identity > Monitoring & health > Workbooks.
  3. In the Usage section, open the Sign-ins workbook.

Screenshot of the Azure portal workbooks interface highlighting the sign-ins workbook.

Step 3: Identify apps that use ADAL

The table at the bottom of the Sign-ins workbook page lists apps that recently used ADAL. You can also export a list of the apps. Update these apps to use MSAL.

Screenshot of sign-ins workbook displaying apps that use Active Directory Authentication Library.

If there are no apps using ADAL, the workbook will display a view as shown below.

Screenshot of sign-ins workbook when no app is using Active Directory Authentication Library.

Step 4: Update your code

After identifying your apps that use ADAL, migrate them to MSAL depending on your application type as illustrated below.

Single-page app (SPA)

Next steps

For more information about MSAL, including usage information and which libraries are available for different programming languages and application types, see: