This repository has been archived by the owner on Jun 30, 2023. It is now read-only.

Follow best practices for a robust enterprise ready application

Jean-Marc Prieur edited this page Feb 14, 2018 · 2 revisions

You've seen that with ADAL.NET you can quite simply acquire a token for a protected Web API. You benefit from the token cache, and you don't have to handle refreshing tokens yourself.

However, to build robust, enterprise-ready applications, you will need to do a bit more. For instance, you'll want to:

  • Carefully handle exceptions, both when you acquire a token and when you call the protected Web API. The way to handle them differs depending on the error.
  • In particular, if your application runs in an Azure AD tenant where the tenant admins have set policies to enforce Multi-Factor Authentication (MFA), you will need to react to claim challenges. This is true both for Desktop/Mobile applications and for Web APIs, and is explained in Handling AdalClaimChallengeException.
  • If you want a set of your applications to benefit from Single Sign-On, on Android and iOS (through Xamarin) you might want to cooperate with the brokers.
  • On Windows Desktop and .NET Core, you'll want to customize the token cache serialization, as none is provided on these platforms. There are special cases for Web applications or Web APIs.
  • You might want to enable logging to troubleshoot your application and help your users, while respecting their privacy and being compliant with GDPR.
  • Finally, in the case of multi-tenant applications, there are things to know so that your end users don't have to sign in each time they use the application.

Note: some topics referenced on this page don't have a wiki page yet.
