Integrating Microsoft Active Directory Login in Native App - Simplified

I am working on an Android project and we wanted to Integrate Microsoft AD Login for authentication in the app. Following the documentation didn’t got me to where I wanted to go ‘easily’ so here I am sharing a simple process to integrate AD Login in Native apps. I am going to explain for Android but I am sure iOS people can follow up easily.

Step 1 - Check out Documentation for References.

Go to this Microsoft documentation and keep it aside for reference.

Step 2 - Register App in Azure

• Register your application in Azure Portal.

• Follow the above marked steps and click on Create, then you will get the below screen giving out your ApplicationID and ObjectID. We need ApplicationID also known as ClientID.

Your reply url should be “ApplicationID”+://auth as you can see in the Image above on the right hand side.

For example if your client id is ‘83471–312323–231’ then your reply url will be ‘83471–312323–231://auth’

Step 3 - Download Sample Project

• Download Sample Android Project for Android or iOS
• Open the app and try out the basic Login Process to get yourself familiarise with the Login Process.

Step 4 - Making Code Change [For Android]

• Copy the MainActivity.java and activity_main.xml into your Project as it is, maybe change the name as per your requirements. Don’t forget to add your activity in the Manifest.
• In Manifest, also add below code before closing <application> tag. This will help open a browser activity for login, and then close automatically and redirect back to your app after Login. Make sure to replace your ApplicationID here also.

<!--Intent filter to capture System Browser calling back to our app after Sign In-->
<activity
    android:name="com.microsoft.identity.client.BrowserTabActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />

        <!--Add in your scheme/host from registered redirect URI-->
        <data android:scheme="msal[Your APPLICATION_ID here]"
            android:host="auth" />
    </intent-filter>
</activity>

• Go to resources >> raw and copy auth_config.json file. Paste it in your project. Make sure to replace client_id with your ApplicationID and redirect_uri to be the same as your configured above to “[applicationID]://auth”

Step 5 - Test out the app, and you are done.

Good job, if you have made so far and everything is working. Go ahead and create some cool apps. Below are some issues I ran into while working with it, if you have any issues see if this can help.

Some Issues while integrating AD Login

• MSAL for Android: SHA-256 digest error (AuthenticationCallback.class) during Instant Run with androidx, make sure to disable Instant Run for Android Projects to fix this issue.
• Trouble Signing In as ReplyUrl doesn’t match: Make sure that your reply url consists of your applicationID followed by ://auth and is configured correctly in Manifest, auth_config.json and in your Azure Portal.
• Trouble Signing In as Project is not Multi-Tenant: In Azure Portal, make sure your project is configured as Multi Tenant.