MSAL 2.0 or AadHttpClient to connect SPFX Webpart to custom Web API hosted in a different tenant?

Copper Contributor



Wonder if someone can help me. I want to connect my SPFX web part to a custom web API (being developed in .NET 5).


Given the recent changes to browsers (third party cookies limitations), it seems like the current recommendation is to use MSAL 2.0  (authorization code flow) to authenticate the user with the custom API. Unfortunately, the examples I could find from Microsoft seem to be using the AadHttpClient class which, as far as I know, uses the old ADAL library with the implicit flow (which will cause problems with browsers blocking third-party cookies).


There seems to be a lot of conflicting information out there on this subject. Some people seem to be suggesting that we should start to use authorization code flow as soon as possible (with MSAL 2.0) others ( including Microsoft) seem to be recommending using the AadHttpClient class. Also, the examples that I could find using MSAL 2.0 with SPFX seem to treat the SPFX as an SPA when in fact it isn't (what is the redirect URL in a SPFX application).


I hope the above makes sense. It would be great if I could get the community views on this.


Many thanks in advance.  




5 Replies
I'm afraid not. Project has been on pause but back to it now and still haven't managed to find a solution

@Hugo Esperanca Did you end up finding a solution? I am in the same situation. I'm having issues with AadHttpClient in Safari.

I am using MSAL 2.0 as ADAL is depericiating. However, with MSAL you will face issues related to third-party cookies.

@O365Survivor Is any documentation i can refer to regarding how app registration should be done in order to support SPFX to connect to AAD protected API using MSAL? i am specifically concerned about the Reply URL because the webpart is deployed to multiple sharepoint sites so we cannot setup different reply URL for each site.

Thank you.