Training
Module
Capture Web Application Logs with App Service Diagnostics Logging - Training
Learn about how to capture trace output from your Azure web apps. View a live log stream and download logs files for offline analysis.
Logging in MSAL for Android
The Microsoft Authentication Library (MSAL) apps generate log messages that can help diagnose issues. An app can configure logging with a few lines of code, and have custom control over the level of detail and whether or not personal and organizational data is logged. We recommend you create an MSAL logging implementation and provide a way for users to submit logs when they have authentication issues.
MSAL provides several levels of logging detail:
- LogAlways: No level filtering is done on this log level. Log messages of all levels will be logged.
- Critical: Logs that describe an unrecoverable application or system crash, or a catastrophic failure that requires immediate attention.
- Error: Indicates something has gone wrong and an error was generated. Used for debugging and identifying problems.
- Warning: There hasn't necessarily been an error or failure, but are intended for diagnostics and pinpointing problems.
- Informational: MSAL will log events intended for informational purposes not necessarily intended for debugging.
- Verbose (Default): MSAL logs the full details of library behavior.
Note
Not all log levels are available for all MSAL SDK's
By default, the MSAL logger doesn't capture any highly sensitive personal or organizational data. The library provides the option to enable logging personal and organizational data if you decide to do so.
The following sections provide more details about MSAL error logging for your application.
Turn logging on at app creation by creating a logging callback. The callback takes these parameters:
tagis a string passed to the callback by the library. It's associated with the log entry and can be used to sort logging messages.logLevelenables you to decide which level of logging you want. The supported log levels are:Error,Warning,Info, andVerbose.messageis the content of the log entry.containsPIIspecifies whether messages containing personal data, or organizational data are logged. By default, this is set to false, so that your application doesn't log personal data. IfcontainsPIIistrue, this method will receive the messages twice: once with thecontainsPIIparameter set tofalseand themessagewithout personal data, and a second time with thecontainsPiiparameter set totrueand the message might contain personal data. In some cases (when the message doesn't contain personal data), the message will be the same.
Java
private StringBuilder mLogs;
mLogs = new StringBuilder();
Logger.getInstance().setExternalLogger(new ILoggerCallback()
{
@Override
public void log(String tag, Logger.LogLevel logLevel, String message, boolean containsPII)
{
mLogs.append(message).append('\n');
}
});
By default, the MSAL logger won't capture any personal identifiable information or organizational identifiable information. To enable the logging of personal identifiable information or organizational identifiable information:
Java
Logger.getInstance().setEnablePII(true);
To disable logging personal data and organization data:
Java
Logger.getInstance().setEnablePII(false);
By default logging to logcat is disabled. To enable:
Java
Logger.getInstance().setEnableLogcatLog(true);
For more code samples, refer to Microsoft identity platform code samples.