Microsoft Build 2020 allowed us to engage deeply with our developer community, and we are continuing to improve how developers can easily use identity features in their applications. To help developers take advantage of all the identity features available in our platform, we’re now recommending that all developers to use the Microsoft Authentication Library (MSAL) and the Microsoft Graph API in their application development. Moving forward, all new identity capabilities will only be available in MSAL and Microsoft Graph. We’re also providing guidance on end of support timelines for Azure Active Directory (Azure AD) Authentication Library (ADAL) and Azure AD Graph API, so you can plan to update any applications that are still using either one of them.
MSAL makes it easy for developers to add identity capabilities to their applications. With just a few lines of code, developers can authenticate users and applications, as well as acquire tokens to access resources. MSAL also enables developers to integrate with the latest capabilities in our platform—like passwordless and Conditional Access.
Microsoft Graph API offers a single endpoint for developers to access Azure AD APIs, as well as APIs from several other Microsoft services like Teams, Exchange, and Intune. Microsoft Graph has all the capabilities that have been available in Azure AD Graph, such as service principal and app role assignment—and new Azure AD APIs like identity protection and authentication methods. Developers can also use the Microsoft Graph client libraries and get built-in support for features like retry handling, secure redirects, transparent authentication, and payload compression.
We’re publishing the following timelines for end of support of ADAL and Azure AD Graph.
Starting, June 30th, 2020, we will no longer add any new features to ADAL and Azure AD Graph. We will continue to provide technical support and security updates but will no longer provide feature updates.
Starting June 30th, 2022, we will end support for ADAL and Azure AD Graph and will no longer provide technical support or security updates. Apps using Azure AD Graph after this time will no longer receive responses from the Azure AD Graph endpoint. Apps using ADAL on existing OS versions will continue to work after this time but will not get any technical support or security updates.
You can get started by using our migration guides to identify which applications need to be updated and how to best transition to MSAL and Microsoft Graph. For applications that are using ADAL, review our migration guide to transition to MSAL. For applications that are using Azure AD Graph, follow our guidance to migrate Azure AD Graph apps to Microsoft Graph.
In the coming months, we'll be providing reporting in the Azure portal to help you self-identify which of your apps are using ADAL or Azure AD Graph. For any other questions, open issues, and feature requests, let us know through Stack Overflow by using the tag adal-deprecation or azureadgraph-deprecation.
As always, we’d love to hear any feedback or suggestions you may have. Please let us know what you think in the comments below or on the Azure AD feedback forum.
Alex Simons (Twitter: @Alex_A_Simons)
Corporate Vice President of Program Management
Microsoft Identity Division
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.