MSALPublicClientApplication
Objective-C
@interface MSALPublicClientApplication : NSObject
Swift
class MSALPublicClientApplication : NSObject
Representation of OAuth 2.0 Public client application. Create an instance of this class to acquire tokens. One instance of MSALPublicClientApplication can be used to interact with multiple AAD clouds, and tenants, without needing to create a new instance for each authority. For most apps, one MSALPublicClientApplication instance is sufficient.
To create an instance of the MSALPublicClientApplication, first create an instance MSALPublicClientApplicationConfig
.
Setup MSALPublicClientApplicationConfig
with needed configuration, and pass it to the [MSALPublicClientApplication initWithConfiguration:error:]
initializer.
For example:
NSError *msalError = nil; MSALPublicClientApplicationConfig *config = [[MSALPublicClientApplicationConfig alloc] initWithClientId:@"your-client-id-here"]; MSALPublicClientApplication *application = [[MSALPublicClientApplication alloc] initWithConfiguration:config error:&msalError];
-
A copy of the configuration which was provided in the initializer. Any changes to mutable properties on the configuration object will not affect the behavior of the Public Cilent Application. Parameter to be used to configure MSALPublicClientApplication. It contains all values to be used in the instance and is a superset of all properties known to this class.
Declaration
Objective-C
@property (readonly, nonnull) MSALPublicClientApplicationConfig *configuration;
Swift
var configuration: MSALPublicClientApplicationConfig { get }
-
Initialize a MSALPublicClientApplication with a given configuration
Note
It is important to configure your MSALPublicClientApplicationConfig object before calling MSALPublicClientApplication’s initializer. MSALPublicClientApplication makes a copy of the configuration object you provide on initialization. Once configured, MSALPublicClientApplication object ignores any changes you make to the MSALPublicClientApplicationConfig object.
Declaration
Objective-C
- (nullable instancetype) initWithConfiguration:(nonnull MSALPublicClientApplicationConfig *)config error:(NSError *_Nullable *_Nullable)error;
Swift
init(configuration config: MSALPublicClientApplicationConfig) throws
Parameters
config
Configuration for PublicClientApplication
error
The error that occurred creating the application object, if any (optional)
-
Initialize a MSALPublicClientApplication with a given clientID
Declaration
Objective-C
- (nullable instancetype)initWithClientId:(nonnull NSString *)clientId error:(NSError *_Nullable *_Nullable)error;
Swift
init(clientId: String) throws
Parameters
clientId
The clientID of your application, you should get this from the app portal.
error
The error that occurred creating the application object, if any (optional)
-
Returns an array of all accounts visible to this application.
Declaration
Objective-C
- (nullable NSArray<MSALAccount *> *)allAccounts: (NSError *_Nullable *_Nullable)error;
Swift
func allAccounts() throws -> [MSALAccount]
Parameters
error
The error that occured trying to retrieve accounts, if any, if you’re not interested in the specific error pass in nil.
-
Returns account for the given account identifier (received from an account object returned in a previous acquireToken call)
Declaration
Objective-C
- (nullable MSALAccount *)accountForIdentifier:(nonnull NSString *)identifier error:(NSError *_Nullable *_Nullable) error;
Swift
func account(forIdentifier identifier: String) throws -> MSALAccount
Parameters
error
The error that occured trying to get the accounts, if any, if you’re not interested in the specific error pass in nil.
-
Returns account for the given account identifying parameters (received from an account object returned in a previous acquireToken call)
Declaration
Objective-C
- (nullable NSArray<MSALAccount *> *) accountsForParameters:(nonnull MSALAccountEnumerationParameters *)parameters error:(NSError *_Nullable *_Nullable)error;
Swift
func accounts(for parameters: MSALAccountEnumerationParameters) throws -> [MSALAccount]
Parameters
error
The error that occured trying to get the accounts, if any, if you’re not interested in the specific error pass in nil.
-
Returns account for for the given username (received from an account object returned in a previous acquireToken call or ADAL)
Declaration
Objective-C
- (nullable MSALAccount *)accountForUsername:(nonnull NSString *)username error: (NSError *_Nullable *_Nullable)error;
Swift
func account(forUsername username: String) throws -> MSALAccount
Parameters
username
The displayable value in UserPrincipleName(UPN) format
error
The error that occured trying to get the accounts, if any, if you’re not interested in the specific error pass in nil.
-
Returns account for the given account identifying parameters including locally cached accounts and accounts from the SSO extension Accounts from SSO extension are only available on iOS 13+ and macOS 10.15+. On earlier versions, this method will return same results as a local account query.
Declaration
Objective-C
- (void)accountsFromDeviceForParameters: (nonnull MSALAccountEnumerationParameters *)parameters completionBlock:(nonnull MSALAccountsCompletionBlock) completionBlock;
Swift
func accountsFromDevice(for parameters: MSALAccountEnumerationParameters) async throws -> [MSALAccount]
Parameters
completionBlock
The completion block that will be called when accounts are loaded, or MSAL encountered an error.
-
Ask MSAL to handle a URL response.
Declaration
Objective-C
+ (BOOL)handleMSALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication;
Swift
class func handleMSALResponse(_ response: URL, sourceApplication: String?) -> Bool
Parameters
response
URL response from your application delegate’s openURL handler for MSAL web or brokered authentication sessions
sourceApplication
The application that opened your app with that URL. Can be retrieved from options by UIApplicationOpenURLOptionsSourceApplicationKey key. See more info here: https://developer.apple.com/documentation/uikit/uiapplicationdelegate/1623112-application?language=objc
Return Value
YES if URL is a response to a MSAL web or brokered session and handled, NO otherwise.
-
Cancels any currently running interactive web authentication session, resulting in the authorization UI being dismissed and the acquireToken request ending in a cancelation error.
Declaration
Objective-C
+ (BOOL)cancelCurrentWebAuthSession;
Swift
class func cancelCurrentWebAuthSession() -> Bool
-
Acquire a token for a provided parameters using interactive authentication.
Declaration
Objective-C
- (void)acquireTokenWithParameters: (nonnull MSALInteractiveTokenParameters *)parameters completionBlock:(nonnull MSALCompletionBlock)completionBlock;
Swift
func acquireToken(with parameters: MSALInteractiveTokenParameters) async throws -> MSALResult
Parameters
parameters
Parameters used for interactive authentication.
completionBlock
The completion block that will be called when the authentication flow completes, or encounters an error.
-
Acquire a token silently for a provided parameters.
Declaration
Objective-C
- (void)acquireTokenSilentWithParameters: (nonnull MSALSilentTokenParameters *)parameters completionBlock: (nonnull MSALCompletionBlock)completionBlock;
Swift
func acquireTokenSilent(with parameters: MSALSilentTokenParameters) async throws -> MSALResult
Parameters
parameters
Parameters used for silent authentication.
completionBlock
The completion block that will be called when the authentication flow completes, or encounters an error.
-
Removes all tokens from the cache for this application for the provided account. MSAL won’t be able to return tokens silently after calling this API, and developer will need to call acquireToken. User might need to enter his credentials again after calling this API
Declaration
Objective-C
- (BOOL)removeAccount:(nonnull MSALAccount *)account error:(NSError *_Nullable *_Nullable)error;
Swift
func remove(_ account: MSALAccount) throws
Parameters
account
The account to remove from the cache
-
Removes all tokens from the cache for this application for the provided account. Additionally, this API will remove account from the system browser or the embedded webView by navigating to the OIDC end session endpoint if requested in parameters (see more https://openid.net/specs/openid-connect-session-1_0.html). Moreover, if device has an SSO extension installed, the signout request will be handled through the SSO extension.
As a result of the signout operation, application will not be able to get tokens for the given account without user entering credentials. However, this will not sign out from other signed in apps on the device, unless it is explicitly enabled by the administrator configuration through an MDM profile.
Declaration
Objective-C
- (void)signoutWithAccount:(nonnull MSALAccount *)account signoutParameters:(nonnull MSALSignoutParameters *)signoutParameters completionBlock: (nonnull MSALSignoutCompletionBlock)signoutCompletionBlock;
Swift
func signout(with account: MSALAccount, signoutParameters: MSALSignoutParameters) async throws -> Bool
-
Reads device information from the authentication broker if present on the device.
Declaration
Objective-C
- (void)getDeviceInformationWithParameters:(nullable MSALParameters *)parameters completionBlock: (nonnull MSALDeviceInformationCompletionBlock) completionBlock;
Swift
func deviceInformation(with parameters: MSALParameters?) async throws -> MSALDeviceInformation
-
Reads WPJ metadata (UPN, tenant ID, deviCe ID) from the authentication broker if present on the device for a specific tenantId
Declaration
Objective-C
- (void)getWPJMetaDataDeviceWithParameters:(nullable MSALParameters *)parameters forTenantId:(nullable NSString *)tenantId completionBlock: (nonnull MSALWPJMetaDataCompletionBlock) completionBlock;
Swift
func wpjMetaDataDevice(with parameters: MSALParameters?, forTenantId tenantId: String?) async throws -> MSALWPJMetaData
-
A boolean indicates if a compatible broker is present in device for AAD requests.
Declaration
Objective-C
@property (readonly) BOOL isCompatibleAADBrokerAvailable;
Swift
var isCompatibleAADBrokerAvailable: Bool { get }
-
A String indicates the version of current MSAL SDK
Declaration
Objective-C
@property (class, readonly, nullable) NSString *sdkVersion;
Swift
class var sdkVersion: String? { get }
-
Gets the current account and return previous account if present. This can be useful to detect if the current account changes. This method must be called whenever the application is resumed or prior to running a scheduled background operation.
If there’re multiple accounts present, MSAL will return an ambiguous account error, and application should do account disambiguation by calling other MSAL Account enumeration APIs.
Declaration
Objective-C
- (void)getCurrentAccountWithParameters:(nullable MSALParameters *)parameters completionBlock: (nonnull MSALCurrentAccountCompletionBlock) completionBlock;
Swift
func currentAccount(with parameters: MSALParameters?) async throws -> (MSALAccount?, MSALAccount?)