MSAL Plugin

Stable Version 1.2.2 (OutSystems 11)
Published on 27 May by 
Use Microsoft MSAL to authenticate users in your application!
Read More

Cordova MSAL Plugin

So you want to integrate your mobile app with Microsoft's authentication service?

This plugin implements Microsoft's MSAL plugin for Android and iOS. I'm assuming you're here because you've already read their documentation and understand how to configure Azure AD authentication for your organization and are simply looking for an existing Cordova wrapper to implement it on the mobile side.

Reading Microsoft's documentation, plus reading the README in my git repo of this plugin plus studying the demo found here should get you up to speed. Here's a quick guide:

Here's the JSON you'll need to configure your plugin. If you only have one environment and build, you can put it in your extensibility configuration in your wrapper application. But you probably have debug/release builds in multiple envrionments with multiple Azure clients/tenants, so LifeTime is probably the best place to manage your extensibility configuration JSON. Open your wrapper application implementing this plugin in LifeTime and click the Settings link near the application's title with the gear icon. Select your environment in the dropdown near the application's title, and scroll down to the Advanced section. Under Extensibility Configurations, tick the Custom > radial and paste your JSON with that environment's variables there:

  "plugin": {
    "url": "",
    "variables": [
        "name": "TENANT_ID",
        "value": "your-tenant-guid-here-optional"
        "name": "CLIENT_ID",
        "value": "your-client-guid-here-reuired"
        "name": "KEY_HASH",
        "value": "S0m3K3yh4shH3re="

You can specify three variables during installation\: the tenant ID and client ID of your Identity Platform, and, if you're building for Android, a base64 sha1 hash of your keystore file. The latter of which can be obtained like this:

keytool -exportcert -alias yourkeystorealias -keystore path/to/your/keystore/file.keystore | openssl sha1 -binary | openssl base64

If you aren't using AzureADMyOrg as one of your authorities, you can omit TENANT_ID, and if you're only building for iOS, you can omit KEY_HASH, but you really need to provide CLIENT_ID.

You need to call the MsalInit action before you do anything else with the plugin. It tells the plugin how to function. You can call it without changing any of the input parameters, or you can modify them to suit your app. The options basically mimic Microsoft's published configuration and are documented in Service Studio's descriptions. Those familiar with the MSAL library might notice the Android-only option authorizationUserAgent is not configurable. That option is locked on WEBVIEW, since the other options rely on AndroidX. MABS (MABS 6.x) does not support AndroidX features, which are now a standard part of the Android MSAL library. I had to do some finagling with a custom build of the library with AndroidX features stripped out to avoid getting an error trying to build it with MABS.

What’s new (1.2.2)

Fixed errant bracket in the signout function in Android.

Reviews (1)
7 May
in version 1.1.1
Works as intended out of the box. Some knowledge on Azure AD required.
Mobile Plugins
Support Options
This component is not supported by OutSystems. You may use the discussion forums to leave suggestions or obtain best-effort support from the community, including from Walter Robins who created this component.
See all 1 dependencies
Component Consumers
No consumers yet.
Weekly Downloads