Microsoft Azure Active Directory Authentication Library (ADAL) is a tool in the .NET Framework that lets client application developers authenticate users to an on-premises Active Directory deployment or to the cloud. ADAL then secures API calls by obtaining tokens for access. Microsoft says ADAL can help client application developers focus on their application's business logic, because ADAL handles the complexity of securing resources without requiring extensive security expertise.
Before using ADAL, organizations must be running .NET Framework 4.5 and, if they are using it with on-premises AD, Active Directory Federation Services for Windows Server 2012 R2. If organizations are using Azure AD as the main identity provider, they must have Internet connectivity, an Azure subscription and an Azure AD tenant.
There are four main features in ADAL. ADAL supports automatically refreshing tokens when they expire; it also supports asynchronous methods that require tokens. ADAL can manage the process of getting tokens and, by default, stores tokens in what Microsoft calls an "in-memory token cache."