Skip to content
This repository has been archived by the owner on Jun 30, 2023. It is now read-only.

ADAL.NET supports multiple application architectures and multiple platforms

Bogdan Gavril edited this page Jul 10, 2019 · 4 revisions

Scope of ADAL.NET

Why use ADAL.NET ?

ADAL.NET V3 (Active Directory Authentication Library for .NET) enables developers of .NET applications to acquire tokens in order to call secured Web APIs. These Web APIs can be the Microsoft Graph, or 3rd party Web APIs.

ADAL.NET Supports multiple application architectures

It supports all the possible application topologies except the User-agent based client (which is only supported in JavaScript):

  • native client (mobile/desktop applications) calling a Web API in the name of the user,
  • daemons/services or web clients (Web Apps/ Web APIs) calling a Web API in the name of a user, or without a user.

ADAL.NET Supports multiple platforms

ADAL.NET supports several platforms:

  • .NET Framework,
  • .NET Core,
  • Xamarin Android,
  • Xamarin iOS,
  • UWP,
  • Windows 8.1 (WinRT). The last version of ADAL supporting Windows 8.1 and Windows Phone 8.1 is ADAL 3.19.8. Support for these platform was dropped in ADAL 4.x

Important

Not all the authentication features are available in all platforms, mostly because:

  • they would not make sense in those platforms (for instance iOS and Android applications don't support confidential client flows as these platforms cannot guarantee that application secrets would be safe),
  • or because of limitations of the platform itself (for instance .NET Core does not provide UI, and therefore acquisition of tokens requiring user interaction through a Web browser is not possible in .NET Core).

Most of the pages in the wiki describe the most complete platform (.NET Framework), but, topic by topic, it also occasionally calls out differences between platforms.

ADAL.NET is about acquiring tokens, not protecting an API

ADAL.NET is used to acquire tokens. It's not used to protect a Web API. If you are interested in protecting a Web API with Azure AD, you might want to check out:

Protecting the app itself with Intune

Your mobile app (written in Xamarin.iOS or Xamarin.Android) can have app protection policies applied to it, so that it can be managed by Intune and recognized by Intune as a managed app. The Intune SDK is separate from ADAL, and it talks to AAD on its own.

Clone this wiki locally