In this documentation, you will find detailed information about the Microsoft Authentication Library (MSAL). MSAL is a developer library that helps you integrate authentication and authorization into your applications, allowing users to sign in with their Microsoft or Azure Active Directory accounts.
The features of MSAL include:
- Securely sign in users with their Microsoft or Azure Active Directory accounts
- Acquire access tokens to access Microsoft APIs, such as Microsoft Graph
- Store and manage user tokens securely for subsequent use
- Support for various platforms including iOS, Android, and .NET
- Flexible token cache management
- Support for single and multi-tenant scenarios
Getting Started
Prerequisites
Before you start integrating MSAL into your application, ensure that you have the following:
- A Microsoft Azure account or an Azure Active Directory tenant
- An application registered in Azure AD. If you haven’t registered your application, please follow the steps outlined in the Azure AD documentation.
- The necessary credentials such as the client ID, redirect URI, or client secret, depending on the platform you are developing for.
Installation
MSAL can be installed using either CocoaPods or Swift Package Manager.
pod 'MSAL' # Swift 5.0
pod 'MSAL', '~> 1.3' # Swift 4.x compatibility
For more information on installing MSAL using CocoaPods, refer to the CocoaPods documentation.
dependencies: [
.package(url: "https://github.com/AzureAD/microsoft-authentication-library-for-objc", .upToNextMajor(from: "1.0.0"))
]
For detailed instructions on using Swift Package Manager with MSAL, consult the Swift Package Manager documentation.
Usage
Import Statement
Add the following import statement to your file:
import MSAL
Create a Public Client Application object
To get started, create an instance of the MSALPublicClientApplication
class:
let authority = try! MSALAADAuthority(url: URL(string: "https://login.microsoftonline.com/your-tenant-id-here")!)
let pcaConfig = MSALPublicClientApplicationConfig(clientId: "your-client-id-here", redirectUri: "your-redirect-uri-here", authority: authority)
let application = try! MSALPublicClientApplication(configuration: pcaConfig)
Make sure to replace the placeholders with your actual tenant ID, client ID, and redirect URI.
Acquire a token
To request a token for a specific resource, use the following code:
let loginHint = "user@example.com"
let parameters = MSALInteractiveTokenParameters(scopes: ["your-scope-here"], webviewParameters: MSALWebviewParameters(parentViewController: self))
parameters.loginHint = loginHint
application.acquireToken(with: parameters) { (result, error) in
if let error = error {
print("Error acquiring token: \\(error.localizedDescription)")
return
}
guard let accessToken = result?.accessToken else {
print("Access token not found")
return
}
print("Access token: \\(accessToken)")
}
Replace “your-scope-here” with the actual scope for your desired resource.
More Information
For more information about MSAL, please refer to the official MSAL GitHub repository.
Conclusion
Congratulations! You have successfully integrated MSAL into your application. Feel free to explore more of MSAL’s features and capabilities to enhance the authentication and authorization experience for your users.