From 670ccc035050d293a0b10823085e5120b11c98a2 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Fri, 1 Mar 2024 12:02:43 +0300
Subject: [PATCH 01/17] Update SDK with native authentication content
---
README.md | 78 +++++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 62 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index 453e275c15..39ab4bc8c5 100644
--- a/README.md
+++ b/README.md
@@ -1,23 +1,30 @@
-Microsoft Authentication Library (MSAL) for Android
-==============================================
+# Microsoft Authentication Library (MSAL) for Android
-|[📚Documentation](https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-android) | [ 🚀 Getting Started](https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-mobile-app-android-sign-in) | [💻 Sample Code](https://github.com/AzureAD/microsoft-authentication-library-for-android/wiki/MSAL-Code-Samples)| [ 📖 Library Reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [🛠️ Support](README.md#community-help-and-support) | [🌐 Docs Site](https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-mobile-overview)
-| --- | --- | --- | --- | --- | --- |
+| Documentation | Sample Code | Library Reference | Support |
+|-------------------------------|---------------------------|-------------------|---------|
+| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/)
[Workforce apps tutorials](https://learn.microsoft.com/en-us/entra/identity-platform/tutorial-v2-android)
Customer apps tutorials
• Browser-delegated
• Native Authentication | [Workforce samples](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Customer samples](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | 🛠️ |
+| --- | --- | --- | --- |
+## Overview
-## Introduction
-The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secured web APIs for their Android based applications.
-The MSAL library for Android gives your app the ability to use the [Microsoft Cloud](https://cloud.microsoft.com) by supporting [Microsoft Azure Active Directory](https://azure.microsoft.com/services/active-directory/) and [Microsoft Personal Accounts](https://account.microsoft.com) using industry standard OAuth2 and OpenID Connect. The library also supports [Azure AD B2C](https://azure.microsoft.com/services/active-directory-b2c/).
+MSAL Android is a library that enables Android applications to authenticate users with Microsoft identity platform (formerly Azure Active Directory) and access protected web APIs using OAuth2 and OpenID Connect protocols. The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secure web APIs for their Android based applications.
+
+MSAL Android supports multiple authentication scenarios, such as single sign-on (SSO), conditional access, and brokered authentication. MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows.
[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
-### :exclamation: Migrating from ADAL
+## Migrating from ADAL
-ADAL Android was deprecated on June 2023. We do not support ADAL. See the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal)
+The Azure Active Directory Authentication Library (ADAL) for Android was deprecated on June 2023. Follow the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal) to avoid putting your app's security at risk..
-## Using MSAL
+## Getting started
-- Before you can get a token from Azure AD v2.0 or Azure AD B2C, you'll need to register an application. To register your app, use [the Azure portal](https://aka.ms/AppRegistrations). For Azure AD B2C, checkout [how to register your app with B2C](https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-app-registration).
+To use MSAL Android in your application, you need to register your application in the Microsoft Entra Admin center and configure your Android project. Since MSAL Android supports both browser-delegated and native authentication experiences, follow the steps in the following tutorials based on your scenario.
+• For browser-delegated scenarios, refere to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in)
+• For Native Authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/how-to-run-sample-android-app?branch=pr-en-us-2021#register-an-application)
+
+
+## Using MSAL Android
### Requirements
@@ -27,7 +34,9 @@ ADAL Android was deprecated on June 2023. We do not support ADAL. See the [ADAL
### Step 1: Declare dependency on MSAL
-Add to your app's build.gradle:
+Add the following dependencies to your app's build.gradle:
+
+**For browser-delegated authentication**
```gradle
dependencies {
@@ -43,11 +52,25 @@ maven {
}
```
+**For Native Authentication**
+
+
+```java
+dependencies {
+implementation 'com.microsoft.identity.client:msal:5.1.0'
+}
+maven {
+ url 'https://pkgs.dev.azure.com/MicrosoftDeviceSDK/DuoSDK-Public/_packaging/Duo-SDK-Feed/maven/v1'
+ name 'Duo-SDK-Feed'
+ }
+```
+
### Step 2: Create your MSAL configuration file
-[Configuration Documentation](https://docs.microsoft.com/azure/active-directory/develop/msal-configuration)
+**Browser-delegated Authentication:**
+
+It's simplest to create your configuration file as a "raw" resource file in your project resources. You'll be able to refer to this using the generated resource identifier when constructing an instance of PublicClientApplication. If you are registering your app in the portal for the first time, you will also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
-It's simplest to create your configuration file as a "raw" resource file in your project resources. You'll be able to refer to this using the generated resource identifier when constructing an instance of PublicClientApplication. If you are registering your app in the portal for the first time, you will also be provided with this config JSON.
```javascript
{
@@ -59,7 +82,30 @@ It's simplest to create your configuration file as a "raw" resource file in your
>NOTE: In the `redirect_uri`, the part `` refers to the package name returned by the `context.getPackageName()` method. This package name is the same as the [`application_id`](https://developer.android.com/studio/build/application-id) defined in your `build.gradle` file.
->NOTE: This is the minimum required configuration. MSAL relies on the defaults that ship with the library for all other settings. Please refer to the [configuration file documentation](https://docs.microsoft.com/azure/active-directory/develop/msal-configuration) to understand the library defaults.
+>NOTE: This is the minimum required configuration. MSAL relies on the defaults that ship with the library for all other settings. Please refer to the [configuration file documentation](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration) to understand the library defaults.
+
+**For Native Authentication:**
+
+1. Right-click res and choose New > Directory. Enter raw as the new directory name and select OK.
+1. In this new folder (app > src > main > res > raw), create a new JSON file called auth_config_native_auth.json and paste the following template MSAL Configuration:
+
+```
+{
+ "client_id": "Enter_the_Application_Id_Here",
+ "authorities": [
+ {
+ "type": "CIAM",
+ "authority_url": "https://Enter_the_Tenant_Subdomain_Here.ciamlogin.com/Enter_the_Tenant_Subdomain_Here.onmicrosoft.com/"
+ }
+ ],
+ "challenge_types": ["oob"],
+ "logging": {
+ "pii_enabled": false,
+ "log_level": "INFO",
+ "logcat_enabled": true
+ }
+ }
+```
### Step 3: Configure the AndroidManifest.xml
@@ -90,7 +136,7 @@ It's simplest to create your configuration file as a "raw" resource file in your
```
->NOTE: Please refer to [this FAQ](https://github.com/AzureAD/microsoft-authentication-library-for-android/wiki/MSAL-FAQ#redirect-uri-issues) for more information on common redirect uri issues.
+>NOTE: Please refer to the [frequently asked questions](https://learn.microsoft.com/en-us/entra/msal/android/frequently-asked-questions) for more information on common redirect uri issues.
### Step 4: Create an MSAL PublicClientApplication
From 2e57fa47371acb12a3a3e20ac3b8c3d79e837ebd Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 5 Mar 2024 18:18:37 +0300
Subject: [PATCH 02/17] content updates
---
README.md | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/README.md b/README.md
index 39ab4bc8c5..08b599c80b 100644
--- a/README.md
+++ b/README.md
@@ -2,8 +2,7 @@
| Documentation | Sample Code | Library Reference | Support |
|-------------------------------|---------------------------|-------------------|---------|
-| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/)
[Workforce apps tutorials](https://learn.microsoft.com/en-us/entra/identity-platform/tutorial-v2-android)
Customer apps tutorials
• Browser-delegated
• Native Authentication | [Workforce samples](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Customer samples](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | 🛠️ |
-| --- | --- | --- | --- |
+| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
## Overview
@@ -19,9 +18,11 @@ The Azure Active Directory Authentication Library (ADAL) for Android was depreca
## Getting started
-To use MSAL Android in your application, you need to register your application in the Microsoft Entra Admin center and configure your Android project. Since MSAL Android supports both browser-delegated and native authentication experiences, follow the steps in the following tutorials based on your scenario.
-• For browser-delegated scenarios, refere to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in)
-• For Native Authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/how-to-run-sample-android-app?branch=pr-en-us-2021#register-an-application)
+To use MSAL Android in your application, you need to register your application in the Microsoft Entra Admin center and configure your Android project. Since MSAL Android supports both browser-delegated and native authentication experiences, follow the steps in the following tutorials based on your scenario.
+
+* For browser-delegated scenarios, refer to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in).
+
+* For Native Authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview).
## Using MSAL Android
@@ -36,7 +37,7 @@ To use MSAL Android in your application, you need to register your application i
Add the following dependencies to your app's build.gradle:
-**For browser-delegated authentication**
+**For browser-delegated authentication:**
```gradle
dependencies {
@@ -52,7 +53,7 @@ maven {
}
```
-**For Native Authentication**
+**For Native authentication:**
```java
@@ -67,10 +68,9 @@ maven {
### Step 2: Create your MSAL configuration file
-**Browser-delegated Authentication:**
-
-It's simplest to create your configuration file as a "raw" resource file in your project resources. You'll be able to refer to this using the generated resource identifier when constructing an instance of PublicClientApplication. If you are registering your app in the portal for the first time, you will also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
+**Browser-delegated authentication:**
+It's simplest to create your configuration file as a "raw" resource file in your project resources. You'll be able to refer to this using the generated resource identifier when constructing an instance of PublicClientApplication. If you are registering your app in the Microsoft Entra admin center for the first time, you will also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
```javascript
{
@@ -80,11 +80,11 @@ It's simplest to create your configuration file as a "raw" resource file in your
}
```
->NOTE: In the `redirect_uri`, the part `` refers to the package name returned by the `context.getPackageName()` method. This package name is the same as the [`application_id`](https://developer.android.com/studio/build/application-id) defined in your `build.gradle` file.
+In the `redirect_uri`, the `` refers to the package name returned by the `context.getPackageName()` method. This package name is the same as the [`application_id`](https://developer.android.com/studio/build/application-id) defined in your `build.gradle` file.
->NOTE: This is the minimum required configuration. MSAL relies on the defaults that ship with the library for all other settings. Please refer to the [configuration file documentation](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration) to understand the library defaults.
+The values above are the minimum required configuration. MSAL relies on the defaults that ship with the library for all other settings. Please refer to the [MSAL Android configuration file documentation](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration) to understand the library defaults.
-**For Native Authentication:**
+**For Native authentication:**
1. Right-click res and choose New > Directory. Enter raw as the new directory name and select OK.
1. In this new folder (app > src > main > res > raw), create a new JSON file called auth_config_native_auth.json and paste the following template MSAL Configuration:
From c3c494c8ad0d8dae80e44f515bad6331e38491ba Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Wed, 6 Mar 2024 11:11:37 +0300
Subject: [PATCH 03/17] Additional content and linking to MS Learn
---
README.md | 106 ++++++++----------------------------------------------
1 file changed, 14 insertions(+), 92 deletions(-)
diff --git a/README.md b/README.md
index 08b599c80b..960a7f401b 100644
--- a/README.md
+++ b/README.md
@@ -6,24 +6,24 @@
## Overview
-MSAL Android is a library that enables Android applications to authenticate users with Microsoft identity platform (formerly Azure Active Directory) and access protected web APIs using OAuth2 and OpenID Connect protocols. The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secure web APIs for their Android based applications.
+MSAL Android is a library that enables Android applications to authenticate users with Microsoft identity platform and access protected web APIs using OAuth2 and OpenID Connect protocols. The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secure web APIs for their Android based applications.
MSAL Android supports multiple authentication scenarios, such as single sign-on (SSO), conditional access, and brokered authentication. MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows.
[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
-## Migrating from ADAL
-
-The Azure Active Directory Authentication Library (ADAL) for Android was deprecated on June 2023. Follow the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal) to avoid putting your app's security at risk..
-
## Getting started
To use MSAL Android in your application, you need to register your application in the Microsoft Entra Admin center and configure your Android project. Since MSAL Android supports both browser-delegated and native authentication experiences, follow the steps in the following tutorials based on your scenario.
-* For browser-delegated scenarios, refer to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in).
+* For browser-delegated authentication scenarios, refer to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in).
+
+* For native authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview).
+
-* For Native Authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview).
+## Migrating from ADAL
+The Azure Active Directory Authentication Library (ADAL) for Android was deprecated on June 2023. Follow the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal) to avoid putting your app's security at risk.
## Using MSAL Android
@@ -37,7 +37,7 @@ To use MSAL Android in your application, you need to register your application i
Add the following dependencies to your app's build.gradle:
-**For browser-delegated authentication:**
+**Browser-delegated authentication:**
```gradle
dependencies {
@@ -53,7 +53,7 @@ maven {
}
```
-**For Native authentication:**
+**Native authentication:**
```java
@@ -84,7 +84,7 @@ In the `redirect_uri`, the `` refers to the package name retu
The values above are the minimum required configuration. MSAL relies on the defaults that ship with the library for all other settings. Please refer to the [MSAL Android configuration file documentation](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration) to understand the library defaults.
-**For Native authentication:**
+**Native authentication:**
1. Right-click res and choose New > Directory. Enter raw as the new directory name and select OK.
1. In this new folder (app > src > main > res > raw), create a new JSON file called auth_config_native_auth.json and paste the following template MSAL Configuration:
@@ -107,7 +107,7 @@ The values above are the minimum required configuration. MSAL relies on the def
}
```
-### Step 3: Configure the AndroidManifest.xml
+### Step 3: Configure the AndroidManifest.xml for browser-delegated authentication
1. Request the following permissions via the Android Manifest
@@ -138,90 +138,12 @@ The values above are the minimum required configuration. MSAL relies on the def
>NOTE: Please refer to the [frequently asked questions](https://learn.microsoft.com/en-us/entra/msal/android/frequently-asked-questions) for more information on common redirect uri issues.
-### Step 4: Create an MSAL PublicClientApplication
-
->NOTE: In this example we are creating an instance of MultipleAccountPublicClientApplication, which is designed to work with apps that allow multiple accounts to be used within the same application. If you would like to use SingleAccount mode, refer to the [single vs. multi account documentation](https://docs.microsoft.com/azure/active-directory/develop/single-multi-account). You can also check out the [quickstart](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v2-android) for examples of how this is used.
-
-1. Create a new MultipleAccountPublicClientApplication instance.
-```Java
-
-String[] scopes = {"User.Read"};
-IMultipleAccountPublicClientApplication mMultipleAccountApp = null;
-IAccount mFirstAccount = null;
-
-PublicClientApplication.createMultipleAccountPublicClientApplication(getContext(),
- R.raw.msal_config,
- new IPublicClientApplication.IMultipleAccountApplicationCreatedListener() {
- @Override
- public void onCreated(IMultipleAccountPublicClientApplication application) {
- mMultipleAccountApp = application;
- }
-
- @Override
- public void onError(MsalException exception) {
- //Log Exception Here
- }
- });
-```
-
-2. Acquire a token interactively
-
-```java
-
-mMultipleAccountApp.acquireToken(this, SCOPES, getAuthInteractiveCallback());
-
-private AuthenticationCallback getAuthInteractiveCallback() {
- return new AuthenticationCallback() {
- @Override
- public void onSuccess(IAuthenticationResult authenticationResult) {
- /* Successfully got a token, use it to call a protected resource */
- String accessToken = authenticationResult.getAccessToken();
- // Record account used to acquire token
- mFirstAccount = authenticationResult.getAccount();
- }
- @Override
- public void onError(MsalException exception) {
- if (exception instanceof MsalClientException) {
- //And exception from the client (MSAL)
- } else if (exception instanceof MsalServiceException) {
- //An exception from the server
- }
- }
- @Override
- public void onCancel() {
- /* User canceled the authentication */
- }
- };
-}
-```
-
-3. Acquire a token silently
-
-```java
-
-/*
- Before getting a token silently for the account used to previously acquire a token interactively, we recommend that you verify that the account is still present in the local cache or on the device in case of brokered auth
-
- Let's use the synchronous methods here which can only be invoked from a Worker thread
-*/
-
-//On a worker thread
-IAccount account = mMultipleAccountApp.getAccount(mFirstAccount.getId());
-
-if(account != null){
- //Now that we know the account is still present in the local cache or not the device (broker authentication)
-
- //Request token silently
- String[] newScopes = {"Calendars.Read"};
-
- String authority = mMultipleAccountApp.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();
+### Step 4: Create an MSAL PublicClientApplication
- //Use default authority to request token from pass null
- IAuthenticationResult result = mMultipleAccountApp.acquireTokenSilent(newScopes, account, authority);
-}
+For browser-delegated authentication, you'll need to create an instance of the PublicClientApplication, before you can acquire a token silently or interactively. Please proceed to the official MSAL Android documentation on how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens)
-```
+For a native authentication experience, you can optionally complete [additional logging configuration](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance), and proceed to creating an instance of the client application using the configuration we created in step 2. Learn more by following the [Native auth Android app tutorial](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance)
## ProGuard
MSAL uses reflection and generic type information stored in `.class` files at runtime to support various persistence and serialization related functionalities. Accordingly, library support for minification and obfuscation is limited. A default configuration is shipped with this library; please [file an issue](https://github.com/AzureAD/microsoft-authentication-library-for-android/issues/new/choose) if you find any issues.
From 5a6a66720d491fcdd19605233b6502181b1b1f4f Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Wed, 6 Mar 2024 11:13:06 +0300
Subject: [PATCH 04/17] Link to CIAM samples
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 960a7f401b..6abdf9e35f 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
| Documentation | Sample Code | Library Reference | Support |
|-------------------------------|---------------------------|-------------------|---------|
-| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
+| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
## Overview
From 2a2b1de4fc17de54a98e9e1b694c85de6d61c74c Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Wed, 6 Mar 2024 11:18:11 +0300
Subject: [PATCH 05/17] restructure table
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 6abdf9e35f..9a4fbfbc7e 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
| Documentation | Sample Code | Library Reference | Support |
|-------------------------------|---------------------------|-------------------|---------|
-| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
[Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
+| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | * [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
* [Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
## Overview
From d629bd792af9026f9031111c040cd2d3fb68afe3 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Wed, 6 Mar 2024 11:43:13 +0300
Subject: [PATCH 06/17] minor fixes
---
README.md | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 9a4fbfbc7e..49d8e951bd 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
| Documentation | Sample Code | Library Reference | Support |
|-------------------------------|---------------------------|-------------------|---------|
-| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | * [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
* [Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
+| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | • [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
• [Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
## Overview
@@ -136,16 +136,16 @@ The values above are the minimum required configuration. MSAL relies on the def
```
->NOTE: Please refer to the [frequently asked questions](https://learn.microsoft.com/en-us/entra/msal/android/frequently-asked-questions) for more information on common redirect uri issues.
-
+>NOTE: Please refer to the [MSAL Android FAQ](https://learn.microsoft.com/en-us/entra/msal/android/frequently-asked-questions) for more information on common redirect uri issues.
### Step 4: Create an MSAL PublicClientApplication
-For browser-delegated authentication, you'll need to create an instance of the PublicClientApplication, before you can acquire a token silently or interactively. Please proceed to the official MSAL Android documentation on how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens)
+For browser-delegated authentication, you'll need to create an instance of the PublicClientApplication, before you can acquire a token silently or interactively. Please proceed to the official MSAL Android documentation on how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens).
-For a native authentication experience, you can optionally complete [additional logging configuration](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance), and proceed to creating an instance of the client application using the configuration we created in step 2. Learn more by following the [Native auth Android app tutorial](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance)
+For a native authentication experience, you optionally complete [additional logging configuration](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance), and proceed to creating an instance of the client application using the configuration we created in [Step 2](README.md#step-2-create-your-msal-configuration-file). Learn more by following the [Native auth Android app tutorial](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance).
## ProGuard
+
MSAL uses reflection and generic type information stored in `.class` files at runtime to support various persistence and serialization related functionalities. Accordingly, library support for minification and obfuscation is limited. A default configuration is shipped with this library; please [file an issue](https://github.com/AzureAD/microsoft-authentication-library-for-android/issues/new/choose) if you find any issues.
## Community Help and Support
From f31e70306b5dbd727c2e76abf46a71918c87ec78 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Sat, 9 Mar 2024 07:32:57 +0300
Subject: [PATCH 07/17] Apply suggestions from code review
Co-authored-by: iamgusain <75644120+iamgusain@users.noreply.github.com>
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 49d8e951bd..3bf3d1fa2f 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
## Overview
-MSAL Android is a library that enables Android applications to authenticate users with Microsoft identity platform and access protected web APIs using OAuth2 and OpenID Connect protocols. The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secure web APIs for their Android based applications.
+The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications.
MSAL Android supports multiple authentication scenarios, such as single sign-on (SSO), conditional access, and brokered authentication. MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows.
From af2f9a682a0a5ed47375df81c4a5e243636b95f5 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Sat, 9 Mar 2024 07:42:23 +0300
Subject: [PATCH 08/17] More Readme updates
---
README.md | 34 ++++++++++------------------------
1 file changed, 10 insertions(+), 24 deletions(-)
diff --git a/README.md b/README.md
index 3bf3d1fa2f..683b721b47 100644
--- a/README.md
+++ b/README.md
@@ -6,9 +6,14 @@
## Overview
-The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications.
-
-MSAL Android supports multiple authentication scenarios, such as single sign-on (SSO), conditional access, and brokered authentication. MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows.
+The Microsoft Authentication Library (MSAL) for Android is an auth SDK that can be used to seamlessly integrate authentication into your apps using industry standard OAuth2 and OpenID Connect protocols. It allows you to sign in users or apps with Microsoft identities. These identities include Microsoft Entra ID work and school accounts, personal Microsoft accounts, social accounts, and customer accounts.
+
+The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as single sign-on (SSO), Conditional Access, and brokered authentication
+
+## Native authentication support in MSAL
+
+MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows in their mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
+
[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
@@ -18,12 +23,12 @@ To use MSAL Android in your application, you need to register your application i
* For browser-delegated authentication scenarios, refer to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in).
-* For native authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview).
+* For native authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app).
## Migrating from ADAL
-The Azure Active Directory Authentication Library (ADAL) for Android was deprecated on June 2023. Follow the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal) to avoid putting your app's security at risk.
+The Azure Active Directory Authentication Library (ADAL) for Android has been deprecated effective June 2023. Follow the [ADAL to MSAL migration guide for Android](https://docs.microsoft.com/azure/active-directory/develop/migrate-android-adal-msal) to avoid putting your app's security at risk.
## Using MSAL Android
@@ -37,25 +42,6 @@ The Azure Active Directory Authentication Library (ADAL) for Android was depreca
Add the following dependencies to your app's build.gradle:
-**Browser-delegated authentication:**
-
-```gradle
-dependencies {
- implementation 'com.microsoft.identity.client:msal:4.9.+'
-}
-```
-
-Please also add the following lines to your repositories section in your gradle script:
-
-```gradle
-maven {
- url 'https://pkgs.dev.azure.com/MicrosoftDeviceSDK/DuoSDK-Public/_packaging/Duo-SDK-Feed/maven/v1'
-}
-```
-
-**Native authentication:**
-
-
```java
dependencies {
implementation 'com.microsoft.identity.client:msal:5.1.0'
From 7005ff1487135637c3173a8837b1132777717c4f Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 26 Mar 2024 16:03:39 +0300
Subject: [PATCH 09/17] Update README.md
Co-authored-by: Henry Mbugua <82150047+henrymbuguakiarie@users.noreply.github.com>
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 683b721b47..2b0d1b5280 100644
--- a/README.md
+++ b/README.md
@@ -23,7 +23,7 @@ To use MSAL Android in your application, you need to register your application i
* For browser-delegated authentication scenarios, refer to the quickstart, [Sign in users and call Microsoft Graph from an Android app](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-mobile-app-android-sign-in).
-* For native authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Run Android Kotlin sample app](https://learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app).
+* For native authentication scenarios, refer to the Microsoft Entra External ID sample guide, [Tutorial: Prepare your Android app for native authentication](https://learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app).
## Migrating from ADAL
From 1ff2713f4bd93e84bbd6e6eaa1f6dda429574e55 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 26 Mar 2024 16:07:49 +0300
Subject: [PATCH 10/17] library updates
---
README.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 683b721b47..bff898aa40 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ The Microsoft Authentication Library (MSAL) for Android enables developers to ac
## Native authentication support in MSAL
-MSAL Android also provides native authentication APIs that allow applications to implement a native experience with end-to-end customizable flows in their mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
+MSAL Android also enables you to implement a native authentication experience with end-to-end customizable flows in mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
@@ -56,7 +56,7 @@ maven {
**Browser-delegated authentication:**
-It's simplest to create your configuration file as a "raw" resource file in your project resources. You'll be able to refer to this using the generated resource identifier when constructing an instance of PublicClientApplication. If you are registering your app in the Microsoft Entra admin center for the first time, you will also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
+Create your configuration file as a "raw" resource in your project. Refer to it using the generated resource identifier when constructing a `PublicClientApplication` instance.. If you're registering your app in the Microsoft Entra admin center for the first time, you'll also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
```javascript
{
From 30daff9ccf25a8e2d489f1d26d618b115cebea13 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 26 Mar 2024 16:58:24 +0300
Subject: [PATCH 11/17] adress PR review feedback
---
README.md | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index 968b3af42d..c285077ba3 100644
--- a/README.md
+++ b/README.md
@@ -4,18 +4,21 @@
|-------------------------------|---------------------------|-------------------|---------|
| [MSAL Android documentation](https://learn.microsoft.com/en-us/entra/msal/android/) | • [Microsoft Entra ID (workforce samples)](https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code?tabs=apptype#mobile)
• [Microsoft Entra External ID (customer samples)](https://learn.microsoft.com/en-us/entra/external-id/customers/samples-ciam-all?tabs=apptype#mobile) | [ MSAL Android reference](http://javadoc.io/doc/com.microsoft.identity.client/msal) | [Get support](README.md#community-help-and-support) |
+
+[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
+
## Overview
The Microsoft Authentication Library (MSAL) for Android is an auth SDK that can be used to seamlessly integrate authentication into your apps using industry standard OAuth2 and OpenID Connect protocols. It allows you to sign in users or apps with Microsoft identities. These identities include Microsoft Entra ID work and school accounts, personal Microsoft accounts, social accounts, and customer accounts.
-The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as single sign-on (SSO), Conditional Access, and brokered authentication
+The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as single sign-on (SSO), Conditional Access, and brokered authentication.
-## Native authentication support in MSAL
+#### Native authentication support in MSAL
-MSAL Android also enables you to implement a native authentication experience with end-to-end customizable flows in mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
+MSAL Android also enables you to implement a native authentication experience with end-to-end customizable flows in mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
-[](https://repo1.maven.org/maven2/com/microsoft/identity/client/msal/)
+When implementing authentication for mobile apps on External ID, you can choose between browser-delegated authentication and native authentication. In browser-delegated authentication, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
## Getting started
From bad8218bcc49423b4fda94cdcb23bc84d8058d86 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 26 Mar 2024 17:30:09 +0300
Subject: [PATCH 12/17] more updates
---
README.md | 32 +++++++++++++++++++++++++++++---
1 file changed, 29 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index c285077ba3..f299a37d8d 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@ maven {
**Browser-delegated authentication:**
-Create your configuration file as a "raw" resource in your project. Refer to it using the generated resource identifier when constructing a `PublicClientApplication` instance.. If you're registering your app in the Microsoft Entra admin center for the first time, you'll also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
+Create your configuration file as a "raw" resource in your project. Refer to it using the generated resource identifier when constructing a `PublicClientApplication` instance. If you're registering your app in the Microsoft Entra admin center for the first time, you'll also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
```javascript
{
@@ -129,9 +129,35 @@ The values above are the minimum required configuration. MSAL relies on the def
### Step 4: Create an MSAL PublicClientApplication
-For browser-delegated authentication, you'll need to create an instance of the PublicClientApplication, before you can acquire a token silently or interactively. Please proceed to the official MSAL Android documentation on how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens).
+**Browser-delegated authentication**
-For a native authentication experience, you optionally complete [additional logging configuration](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance), and proceed to creating an instance of the client application using the configuration we created in [Step 2](README.md#step-2-create-your-msal-configuration-file). Learn more by following the [Native auth Android app tutorial](https://review.learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app?branch=release-native-auth-public-preview#create-sdk-instance).
+For browser-delegated authentication, you create an instance of the PublicClientApplication, before you can acquire a token silently or interactively.
+
+```java
+PublicClientApplication.createMultipleAccountPublicClientApplication(getContext(),
+ R.raw.msal_config,
+ new IPublicClientApplication.IMultipleAccountApplicationCreatedListener() {
+ @Override
+ public void onCreated(IMultipleAccountPublicClientApplication application) {
+ mMultipleAccountApp = application;
+ }
+```
+
+Learn how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens) in the official MSAL Android documentation.
+
+
+**Native authentication**
+
+For native authentication, you create an instance of the client application as follows:
+
+```kotlin
+ authClient = PublicClientApplication.createNativeAuthPublicClientApplication(
+ this,
+ R.raw.auth_config_native_auth
+ )
+```
+
+Learn more by following the [Native auth Android app tutorial](https://learn.microsoft.com/en-us/entra/external-id/customers/tutorial-native-authentication-prepare-android-app#create-sdk-instance).
## ProGuard
From f24195db3a2b3d1f38c2400fc7ab01b7babdeb6e Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Wed, 27 Mar 2024 15:05:42 +0300
Subject: [PATCH 13/17] fix busted code samples
---
README.md | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index f299a37d8d..00e01c8da0 100644
--- a/README.md
+++ b/README.md
@@ -45,14 +45,14 @@ The Azure Active Directory Authentication Library (ADAL) for Android has been de
Add the following dependencies to your app's build.gradle:
-```java
+```gradle
dependencies {
-implementation 'com.microsoft.identity.client:msal:5.1.0'
+ implementation 'com.microsoft.identity.client:msal:5.1.0'
}
maven {
- url 'https://pkgs.dev.azure.com/MicrosoftDeviceSDK/DuoSDK-Public/_packaging/Duo-SDK-Feed/maven/v1'
- name 'Duo-SDK-Feed'
- }
+ url 'https://pkgs.dev.azure.com/MicrosoftDeviceSDK/DuoSDK-Public/_packaging/Duo-SDK-Feed/maven/v1'
+ name 'Duo-SDK-Feed'
+}
```
### Step 2: Create your MSAL configuration file
@@ -61,7 +61,7 @@ maven {
Create your configuration file as a "raw" resource in your project. Refer to it using the generated resource identifier when constructing a `PublicClientApplication` instance. If you're registering your app in the Microsoft Entra admin center for the first time, you'll also be provided with the detailed MSAL [Android configuration file](https://learn.microsoft.com/en-us/entra/msal/android/msal-configuration)
-```javascript
+```json
{
"client_id" : "",
"redirect_uri" : "msauth:///",
@@ -78,7 +78,7 @@ The values above are the minimum required configuration. MSAL relies on the def
1. Right-click res and choose New > Directory. Enter raw as the new directory name and select OK.
1. In this new folder (app > src > main > res > raw), create a new JSON file called auth_config_native_auth.json and paste the following template MSAL Configuration:
-```
+```json
{
"client_id": "Enter_the_Application_Id_Here",
"authorities": [
@@ -141,6 +141,7 @@ PublicClientApplication.createMultipleAccountPublicClientApplication(getContext(
public void onCreated(IMultipleAccountPublicClientApplication application) {
mMultipleAccountApp = application;
}
+ }
```
Learn how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens) in the official MSAL Android documentation.
From ded42825418651d3a73be11960b3ac96a38814cc Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 7 May 2024 13:45:36 +0300
Subject: [PATCH 14/17] Update with PR review feedback
---
README.md | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 00e01c8da0..145f8269cd 100644
--- a/README.md
+++ b/README.md
@@ -9,14 +9,15 @@
## Overview
-The Microsoft Authentication Library (MSAL) for Android is an auth SDK that can be used to seamlessly integrate authentication into your apps using industry standard OAuth2 and OpenID Connect protocols. It allows you to sign in users or apps with Microsoft identities. These identities include Microsoft Entra ID work and school accounts, personal Microsoft accounts, social accounts, and customer accounts.
+The Microsoft Authentication Library (MSAL) for Android is an auth SDK that can be used to seamlessly integrate authentication into your apps using industry standard OAuth2 and OpenID Connect protocols. It allows you to sign in users or apps with Microsoft identities. These identities include Microsoft Entra ID work and school accounts, Microsoft personal accounts, social accounts, and customer accounts.
-The Microsoft Authentication Library (MSAL) for Android enables developers to acquire security tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as single sign-on (SSO), Conditional Access, and brokered authentication.
+The Microsoft Authentication Library (MSAL) for Android enables developers to acquire tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as [single sign-on](https://learn.microsoft.com/en-us/entra/msal/android/single-sign-on) (SSO), brokered authentication, and [Conditional Access](https://learn.microsoft.com/en-us/entra/identity-platform/developer-guide-conditional-access-authentication-context).
#### Native authentication support in MSAL
-MSAL Android also enables you to implement a native authentication experience with end-to-end customizable flows in mobile applications. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
+By default, MSAL uses the standard, browser-delegated authentication flow where you rely on the user's browser to handle the sign-in experience. This browser-based experience is the default authentication method for work and school accounts as well as personal Microsoft accounts.
+To support Microsoft Entra External ID scenarios, MSAL Android now offers Native authentication that allows you to customize the sign-in experiences within your mobile app. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
When implementing authentication for mobile apps on External ID, you can choose between browser-delegated authentication and native authentication. In browser-delegated authentication, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
@@ -55,6 +56,8 @@ maven {
}
```
+Note: We recommend using the latest version of our library when setting up your application. Check the [MSAL Android Releases](https://github.com/AzureAD/microsoft-authentication-library-for-android/releases) page.
+
### Step 2: Create your MSAL configuration file
**Browser-delegated authentication:**
From a18995d6c5d5e618e9fedc625207aa9efc9cc9be Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Tue, 7 May 2024 13:57:41 +0300
Subject: [PATCH 15/17] fix busted code sample
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 145f8269cd..516f4d5297 100644
--- a/README.md
+++ b/README.md
@@ -144,7 +144,7 @@ PublicClientApplication.createMultipleAccountPublicClientApplication(getContext(
public void onCreated(IMultipleAccountPublicClientApplication application) {
mMultipleAccountApp = application;
}
- }
+ });
```
Learn how to [instantiate your client application and acquire tokens](https://learn.microsoft.com/en-us/entra/msal/android/acquire-tokens) in the official MSAL Android documentation.
From 710f1973fbcf2ee6458057468e2f9409e1f14750 Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Fri, 7 Jun 2024 12:29:11 +0300
Subject: [PATCH 16/17] minor uodates
---
README.md | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 516f4d5297..3b66e4c0b0 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,18 @@ The Microsoft Authentication Library (MSAL) for Android is an auth SDK that can
The Microsoft Authentication Library (MSAL) for Android enables developers to acquire tokens from the Microsoft identity platform using OAuth2 and OpenID Connect protocol to authenticate users and access secure web APIs for their Android based applications. The library supports multiple authentication scenarios such as [single sign-on](https://learn.microsoft.com/en-us/entra/msal/android/single-sign-on) (SSO), brokered authentication, and [Conditional Access](https://learn.microsoft.com/en-us/entra/identity-platform/developer-guide-conditional-access-authentication-context).
-#### Native authentication support in MSAL
-By default, MSAL uses the standard, browser-delegated authentication flow where you rely on the user's browser to handle the sign-in experience. This browser-based experience is the default authentication method for work and school accounts as well as personal Microsoft accounts.
+## Authentication experiences in MSAL
+
+#### Browser-delegated authentication
+
+By default, MSAL uses the standard, browser-delegated authentication flow where you rely on the user's browser to handle the sign-in experience. In this flow, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. This browser-based experience is the default authentication method for work and school accounts as well as personal Microsoft accounts.
+
+#### Native authentication
To support Microsoft Entra External ID scenarios, MSAL Android now offers Native authentication that allows you to customize the sign-in experiences within your mobile app. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
-When implementing authentication for mobile apps on External ID, you can choose between browser-delegated authentication and native authentication. In browser-delegated authentication, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
+When implementing authentication for mobile apps on External ID, you can choose between browser-delegated authentication and native authentication. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
## Getting started
From b609c754d37ade7054823b7b97855d87a3fe1b3a Mon Sep 17 00:00:00 2001
From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com>
Date: Mon, 10 Jun 2024 19:05:45 +0300
Subject: [PATCH 17/17] Apply suggestions as per review
---
README.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 3b66e4c0b0..d1857cf2e0 100644
--- a/README.md
+++ b/README.md
@@ -18,13 +18,13 @@ The Microsoft Authentication Library (MSAL) for Android enables developers to ac
#### Browser-delegated authentication
-By default, MSAL uses the standard, browser-delegated authentication flow where you rely on the user's browser to handle the sign-in experience. In this flow, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. This browser-based experience is the default authentication method for work and school accounts as well as personal Microsoft accounts.
+By default, MSAL uses the standard, browser-delegated authentication flow where you rely on the user's browser to handle the sign-in experience. In this flow, users are taken to the browser for authentication and then redirected back to the app when the sign-in process is complete. This browser-based experience is the default authentication method for work and school accounts as well as Microsoft personal accounts.
#### Native authentication
-To support Microsoft Entra External ID scenarios, MSAL Android now offers Native authentication that allows you to customize the sign-in experiences within your mobile app. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps on [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
+To support Microsoft Entra External ID scenarios, MSAL Android now offers Native authentication that allows you to customize the sign-in experiences within your mobile app. With native authentication, users are guided through a rich, native, mobile-first sign-up and sign-in journey without leaving the app. The native authentication feature is only available for mobile apps using [External ID for customers](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication).
-When implementing authentication for mobile apps on External ID, you can choose between browser-delegated authentication and native authentication. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
+When implementing authentication for mobile apps using External ID, you can choose between browser-delegated authentication and native authentication. Learn how you can [choose the right authentication option](https://learn.microsoft.com/en-us/entra/external-id/customers/concept-native-authentication#when-to-use-native-authentication) for your mobile app.
## Getting started