Skip to content
DidunAyodeji edited this page Apr 22, 2022 · 37 revisions

The Microsoft Authentication Library for Java (MSAL4J) enables applications to integrate with the Microsoft identity platform. It allows you to sign in users or apps with Microsoft identities (Azure AD, Microsoft accounts and Azure AD B2C accounts) and obtain tokens to call Microsoft APIs such as Microsoft Graph or your own APIs registered with the Microsoft identity platform. It is built using industry standard OAuth2 and OpenID Connect protocols.


  1. Why use MSAL4J?

  2. Pre-requisite: Before using MSAL4J you will have to register your applications with Azure AD.

  3. Learn about the supported scenarios.

  4. To start using MSAL4J, instantiate and configure the client application.

  5. Learn about the ways to acquire a token using MSAL4J. This returns an IAuthenticationResult.

  6. Follow best practices for a robust enterprise ready application.

  7. Refer FAQ for common issues and known bugs.


Date Release Main features
Releases All Releases
Mar 25 2022 1.11.3 Allow client assertions as callbacks and as per-request parameters
Feb 9 2022 1.11.2 Updated oauth2-oidc-sdk version to address security vulnerability
Feb 3 2022 1.11.1 Fixed Retrofit security vulnerabilities
Jul 6 2021 1.11.0 Adds ability to override authority in AcquireToken callsSupport for ADFS 2019
Jun 16 2021 1.10.1 Improved behavior when using regional authorities. Scope override issue in OBO flow has been fixed.
Apr 26 2021 1.10.0 Instance aware support for interactive requests. Default cache lookup for on-behalf-of and client credential flows.
Feb 12 2021 1.9.1 Update com.fasterxml.jackson.core.jackson-databind to 2.12.1
Feb 2 2021 1.9.0 Add support for Azure region discovery
Dec 14 2020 1.8.1 New ClaimsRequest class to allow ID token claims to be requested as part of any token request
Oct 29 2020 1.8.0 ITenantProfile added to IAuthenticationResult for easier access to ID token claims
Sep 27 2020 1.7.1 sendX5c API added to IConfidentialClientApplication to specify if the x5c claim
Sep 6 2020 1.7.0 Tenant profiles added to IAccount. Support of certificate chain has been added.
Aug 17 2020 1.6.2 Fix for "NullPointerException during accessing B2C authority aliases". Adding extraScopesToConsent parameter to AuthorizationRequestUrlParameters builder.
History Memory Lane