Azure Active Directory libraries for Java
Overview
Sign-on users and control access to applications and APIs with Azure Active Directory.
To get started with Azure AD, see Java web app sign-in and sign-out with Azure AD.
Client library
Configure OAuth2, OpenID Connect, or Active Directory Graph authentication and SAML 2.0 single-sign on with the Azure Active Directory authentication library (ADAL) for Java.
Add a dependency to your Maven pom.xml
file to use the client library in your project.
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>adal4j</artifactId>
<version>1.2.0</version>
</dependency>
Example
Retrieve a JSON Web Token (JWT) for a user in your an Active Directory tenant using Azure Active Directory's Graph API. This token can then be used to authenticate the user with an application or API.
ExecutorService service = Executors.newFixedThreadPool(1);
AuthenticationContext context = new AuthenticationContext(AUTHORITY, false, service);
Future<AuthenticationResult> future = context.acquireToken(
"https://graph.windows.net", YOUR_TENANT_ID, username, password,
null);
AuthenticationResult result = future.get();
System.out.println("Access Token - " + result.getAccessToken());
System.out.println("Refresh Token - " + result.getRefreshToken());
System.out.println("ID Token - " + result.getIdToken());
Management API
Configure role based access control and assign identities (such as users and service principals) to those roles with the management API.
Add a dependency to your Maven pom.xml
file to use the management API in your project.
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-mgmt-graph-rbac</artifactId>
<version>1.3.0</version>
</dependency>
Example
Create a new service principal and assign it the Contributor role.
ServicePrincipal sp = Azure.servicePrincipals().define(spName)
.withNewApplication("http://" + spName)
.create();
RoleAssignment roleAssignment2 = authenticated.roleAssignments()
.define("contribRoleAssignment")
.forServicePrincipal(sp)
.withBuiltInRole(BuiltInRole.CONTRIBUTOR)
.withSubscriptionScope("862f67bc-d3ae-4243-bec7-3da6dca77717")
.create();
Samples
Manage groups, users, and roles
Sign-in and sign-out users in a Java web app
Access an API with Azure AD using a command line app
Call the Active AD Graph API from your Java web app
Explore more sample Java code for Azure AD you can use in your apps.