Use Microsoft MSAL to authenticate users in your application!
Read less
So you want to integrate your mobile app with Microsoft's authentication service?
Note: All 2.x and higher versions of this plugin need MABS 7.x+ to build correctly. If you need to use a prior version of MABS, be sure to download version 1.x of this plugin.
This plugin implements Microsoft's MSAL plugin for Android and iOS. I'm assuming you're here because you've already read their documentation and understand how to configure Azure AD authentication for your organization and are simply looking for an existing Cordova wrapper to implement it on the mobile side.
Reading Microsoft's documentation, plus reading the README in my git repo of this plugin plus studying the demo found here should get you up to speed. Here's a quick guide:
Here's the JSON you'll need to configure your plugin if targeting Android. If you're building for iOS only, skip this step. If you only have one environment and build, you can put it in your extensibility configuration in your wrapper application. But you probably have debug/release builds in multiple environments with multiple keys for your Android APK, so LifeTime is probably the best place to manage your extensibility configuration JSON. Open your wrapper application implementing this plugin in LifeTime and click the Settings link near the application's title with the gear icon. Select your environment in the dropdown near the application's title, and scroll down to the Advanced section. Under Extensibility Configurations, tick the Custom > radial and paste your JSON with that environment's variables there:
{ "plugin": { "url": "https://github.com/wrobins/cordova-plugin-msal.git#v4.0.1", "variables": [ { "name": "KEY_HASH", "value": "S0m3K3yh4shH3re=" } ] }}
{ "plugin": { "url":
, "variables": [ { "name": "KEY_HASH", "value": "S0m3K3yh4shH3re=" } ] }}
KEY_HASH is a base64 sha1 hash of your keystore file, which can be obtained like this:
keytool -exportcert -alias yourkeystorealias -keystore path/to/your/keystore/file.keystore | openssl sha1 -binary | openssl base64
You need to call the MsalInit action before you do anything else with the plugin. It tells the plugin how to function. You can call it without changing any of the input parameters, or you can modify them to suit your app. The options basically mimic Microsoft's published configuration and are documented in Service Studio's descriptions.
Here's the JSON you'll need to configure your plugin. If you only have one environment and build, you can put it in your extensibility configuration in your wrapper application. But you probably have debug/release builds in multiple environments with multiple Azure clients/tenants, so LifeTime is probably the best place to manage your extensibility configuration JSON. Open your wrapper application implementing this plugin in LifeTime and click the Settings link near the application's title with the gear icon. Select your environment in the dropdown near the application's title, and scroll down to the Advanced section. Under Extensibility Configurations, tick the Custom > radial and paste your JSON with that environment's variables there:
{ "plugin": {"url": "https://github.com/wrobins/cordova-plugin-msal.git#3.0.0-beta.1","variables": [{"name": "TENANT_ID","value": "your-tenant-guid-here-optional"},{"name": "CLIENT_ID","value": "your-client-guid-here-reuired"},{"name": "KEY_HASH","value": "S0m3K3yh4shH3re="}]}}
You can specify three variables during installation\: the tenant ID and client ID of your Identity Platform, and, if you're building for Android, a base64 sha1 hash of your keystore file. The latter of which can be obtained like this:
If you aren't using AzureADMyOrg as one of your authorities, you can omit TENANT_ID, and if you're only building for iOS, you can omit KEY_HASH, but you really need to provide CLIENT_ID.