Migrating applications to MSAL.NET or Microsoft.Identity.Web
Why migrate to MSAL.NET or Microsoft.Identity.Web
Both the Microsoft Authentication Library for .NET (MSAL.NET) and Azure AD Authentication Library for .NET (ADAL.NET) are used to authenticate Azure AD entities and request tokens from Azure AD. Up until now, most developers have requested tokens from Azure AD for developers platform (v1.0) using Azure AD Authentication Library (ADAL). These tokens are used to authenticate Azure AD identities (work and school accounts).
MSAL comes with benefits over ADAL. Some of these benefits are listed below:
- You can authenticate a broader set of Microsoft identities: work or school accounts, personal Microsoft accounts, and social or local accounts with Azure AD B2C,
- Your users will get the best single-sign-on experience,
- Your application can enable incremental consent, Conditional Access,
- You benefit from continuous innovation in term of security and resilience,
- Your application implements the best practices in term of resilience and security.
MSAL.NET or Microsoft.Identity.Web are now the recommended auth libraries to use with the Microsoft identity platform. No new features will be implemented on ADAL.NET. The efforts are focused on improving MSAL.NET. For details see the announcement: Update your applications to use Microsoft Authentication Library and Microsoft Graph API.
Should you migrate to MSAL.NET or to Microsoft.Identity.Web
Before digging in the details of MSAL.NET vs ADAL.NET, you might want to check if you want to use MSAL.NET or a higher-level abstraction like Microsoft.Identity.Web.
For details about the decision tree below, read MSAL.NET or Microsoft.Identity.Web.
- Learn about public client and confidential client applications.
- Learn how to migrate confidential client applications built on top of ASP.NET MVC or .NET classic from ADAL.NET to MSAL.NET.
- Learn how to migrate public client applications built on top of .NET or .NET classic from ADAL.NET to MSAL.NET.
- Learn more about the Differences between ADAL.NET and MSAL.NET apps.
- Learn how to migrate confidential client applications built on top of ASP.NET Core from ADAL.NET to Microsoft.Identity.Web: