-
Notifications
You must be signed in to change notification settings - Fork 340
PII
Bogdan Gavril edited this page Jan 9, 2023
·
5 revisions
- tokens (access tokens, id tokens, refresh tokens, client assertions generated by MSAL etc.)
- passwords (in any case MSAL is only given the password in the Username / Password (ROPC) flow. MSAL does not have access to the password entered by the user in a browser)
- authorization codes
- PKCE code
- successful network responses from the /authorize or /token endpoint (they might contain tokens or auth codes)
- network requests (they might contain passwords)
- private keys of certs
- username
- login hint
- id token claims (note that MSAL only parses the id token, it never looks at access token / refresh token)
- authorization uri (it may contain a login hint)
- Object ID aka
oid
- IDs related to an organization / tenant (not the user) - tenant id, directory id, directory name (e.g. contonso.onmicrosoft.com)
- authority
- client / application id
- exception messages and stack traces, including error codes coming from AAD
- HTTP details other than request / response (e.g. HTTP status codes, payload size etc.)
- correlation id
- runtime details (OS name, .NET version)
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Xamarin Docs
- UWP
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- High Availability
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code