With the release of version 2.30.0, we're excited to announce Azure CLI has completed the integration of Microsoft Authentication Library (MSAL) as the underlying authentication library! While there are a lot of new features to be announced during Ignite for Azure CLI, we wanted this post to focus on Azure migration from ADAL to MSAL.
Right out of the gate, MSAL provides better security for token cache and support for federated tokens with the new --federated-token parameter in az login. The new authentication library isn't only for this latest release however. It will allow for improved security and user experience features in the future, like Continuous Access Evaluation (CAE) and proactive token renewal. For more information about the benefits of MSAL, check out the MSAL Migration doc.
Version 2.30.0 introduces a breaking change. Azure CLI no longer generates ~/.azure/accessTokens.json to store ADAL tokens and service principal entries. Any existing workflow depending on accessTokens.json will no longer work. For more information about this change, please check out the MSAL-based Azure CLI doc.