Online webinar recording | Simplify user application authentication using Microsoft Identity Platform


Microsoft identity platform is an evolution of the Azure Active Directory developer platform. It allows developers to build applications that sign in all Microsoft identities. It support to below kind of activity:

Work and school accounts
Personal accounts (such as Outlook.com or Hotmail.com)
Social identity (such as LinkedIn, Facebook, Google) via MSAL and Azure AD B2C

Azure AD v1.0 platform used to authenticate work and school accounts by requesting tokens from the Azure AD v1.0 endpoint.

Microsoft identity platform (v2.0) authenticate any Microsoft identity into your application. It is fully supported open-source Microsoft Authentication Library (MSAL) is recommended for use against the identity platform endpoints. MSAL support single sign-on (SSO) experiences for your users.

Let's explore the difference between Microsoft Authentication Library (v2.0) and Azure Active Directory Authentication Library (V1.0).


S.NO MSAL JS or MSAL .NET ADAL JS or ADAL .NET
1 Known as Microsoft Authentication Library using endpoint V2.0 Known as Azure AD Authentication Library using endpoint V1.0
2 MSAL used to authenticate a broader set of Microsoft Identities
Azure AD identities
Microsoft account, social and local account through Azure B2C)		 Azure AD V1.0 used  to authenticate
Azure identities (work and school)
3 Method to renew tokens silently without prompting users is named acquireTokenSilent (more descriptive) Method to renew tokens silently without prompting users is named acquireToken
4 MSAL.js API is designed around user agent client application such as Web Browser ADAL.js uses AuthenticationContext as the representation of an instance of your application's connection 
5 Method to acquire token requests can take different authority values than what is set in the UserAgentApplication  Methods to acquire tokens are associated with a single authority set in the AuthenticationContext
6 Authority Value: V2.0 use https://login.microsoftonline.com/common authority, will allow users to sign in with any Azure AD organization account or a Microsoft personal account (MSA).
To restrict the sign in to only Azure AD accounts use https://login.microsoftonline.com/organizations		 Authority Value :  v1.0, use https://login.microsoftonline.com/common authority will allow users to sign in with any Azure AD account (for any organization)


By at 3 comments:
Labels: , ,
Subscribe to: Posts (Atom)