MSAL

The Microsoft Authentication Libraries (MSAL) became generally available in May 2019 after a very long preview cycle whilst the libraries evolved to reach parity with its predecessor the Azure Active Directory Authentication Libraries (ADAL).

I’ve written many posts on using the Microsoft authentication libraries with PowerShell and Python for Azure Active Directory / Microsoft Graph integration. This page summarizes the posts associated with the differing authentication methods.

Microsoft Authentication Library with PowerShell

Delegated Permissions & Device Code Flow

In this post I show how to authenticate and query Microsoft Graph using MSAL.PS with PowerShell after obtaining an access and refresh token using a Device Code flow. It also details refreshing the tokens using the MSAL.PS PowerShell package.

Delegated Permissions & Interactive Authentication

In this post I show how to authenticate and query Microsoft Graph using MSAL with PowerShell after obtaining an access and refresh token using an Interactive Flow whereby the first authentication triggers login via a browser and then storing tokens in a local MSAL cache.

Application Permissions & Client Credential Authentication

In this post I show how to authenticate and query Microsoft Graph using MSAL.PS with PowerShell after obtaining an access and refresh token using application permissions and a client credential flow. It also details refreshing the tokens using the MSAL.PS PowerShell package.

Application Permissions & Certificate Based Authentication

In this post I show how to authenticate and query Microsoft Graph using MSAL.PS with PowerShell using application permissions and certificate based authentication.

Authorization Code with PKCE Flow

Whilst not strictly using the MSAL libraries (as MSAL.PS hasn’t added support for PKCE yet) this post details how to use PowerShell with an Authorization Code with PKCE flow and client credentials.

Microsoft Authentication Library with Python

Introduction to using MSAL with Python

In this post I provide an introduction to using the MSAL Python package to authenticate and query Microsoft Graph.

Delegated Permissions & Device Code Flow

In this post I show how to authenticate and query Microsoft Graph using MSAL with Python after obtaining an access and refresh token using a Device Code flow. It also shows refreshing the tokens using the MSAL Python package.

Delegated Permissions & Interactive Authentication

In this post I show how to authenticate and query Microsoft Graph using MSAL with Python after obtaining an access and refresh token using an Interactive Flow whereby the first authentication triggers login via a browser and then storing tokens in a local MSAL cache.

Application Permissions & Certificate Based Authentication

In this post I show how to authenticate and query Microsoft Graph using MSAL with Python using application permissions and certificate-based authentication.

Using PyJWT version 2.4.0+ to Decode Microsoft Graph Access Tokens

In this post I detail the code changes required to utilise the PyJWT package version greater than 1.7.1 (e.g versions 2.x+) to decode access tokens and determine the access token expiry.