MSALLegacySharedAccountsProvider

Objective-C

@interface MSALLegacySharedAccountsProvider
    : NSObject <MSALExternalAccountProviding>

Swift

class MSALLegacySharedAccountsProvider : NSObject, MSALExternalAccountProviding

Sample implementation of the MSALExternalAccountProviding protocol that can work with legacy Microsoft account storage. Use it if:

  1. You’re migrating from ADAL to MSAL and where previously relying on shared Microsoft account storage. In that case, usage of this class should be temporary, until more than X% of users migrate to MSAL (X can be 95% depending on your app requirements).
  2. As sample code to implement your own MSALExternalAccountProviding

Switching between read-write and read-only modes

  • Specifies if MSALLegacySharedAccountsProvider will attempt to write/remove accounts. Set to MSALLegacySharedAccountModeReadWrite to attempt writing accounts Default is MSALLegacySharedAccountModeReadOnly, which means MSALLegacySharedAccountsProvider will not modify external account storage

    Declaration

    Objective-C

    @property (nonatomic) MSALLegacySharedAccountMode sharedAccountMode;

    Swift

    var sharedAccountMode: MSALLegacySharedAccountMode { get set }

Constructing MSALLegacySharedAccountsProvider

  • Initialize new instance of MSALLegacySharedAccountsProvider.

    After initialization, set it in the MSALCacheConfig class, e.g.

    MSALLegacySharedAccountsProvider *provider = [[MSALLegacySharedAccountsProvider alloc] initWithSharedKeychainAccessGroup:@"com.mycompany.mysso"
                                                                                                           serviceIdentifier:@"MyAccountServiceIdentifier"
                                                                                                       applicationIdentifier:@"MyApp"];
    
    MSALPublicClientApplicationConfig *pcaConfig = [[MSALPublicClientApplicationConfig alloc] initWithClientId:clientId
                                                                                                   redirectUri:redirectUri
                                                                                                     authority:authority];
    
    [pcaConfig.cacheConfig addExternalAccountProvider:provider];
    MSALPublicClientApplication *application = [[MSALPublicClientApplication alloc] initWithConfiguration:pcaConfig error:&error];
    

    Declaration

    Objective-C

    - (nonnull instancetype)
        initWithSharedKeychainAccessGroup:(nonnull NSString *)sharedGroup
                        serviceIdentifier:(nonnull NSString *)serviceIdentifier
                    applicationIdentifier:(nonnull NSString *)applicationIdentifier;

    Swift

    init(sharedKeychainAccessGroup sharedGroup: String, serviceIdentifier: String, applicationIdentifier: String)

    Parameters

    sharedGroup

    Specify keychain access group from which accounts will be read.

    serviceIdentifier

    Specify unique account entry identifier in the keychain (each keychain entry is identifier by “account” and “service” parameters, this is the “service” part of it)

    applicationIdentifier

    Your application name for logging and storage purposes.