Migrate Android applications that use a broker from ADAL.NET to MSAL.NET

If you have a Xamarin Android app currently using the Azure Active Directory Authentication Library for .NET (ADAL.NET) and an authentication broker, it's time to migrate to the Microsoft Authentication Library for .NET (MSAL.NET).


  • A Xamarin Android app already integrated with a broker (Microsoft Authenticator or Intune Company Portal) and ADAL.NET that you need to migrate to MSAL.NET.

Step 1: Enable the broker

Current ADAL code:MSAL counterpart:
In ADAL.NET, broker support is enabled on a per-authentication context basis.

To call the broker, you had to set a useBroker to true in the PlatformParameters constructor:

public PlatformParameters(
        Activity callerActivity,
        bool useBroker)

In the platform-specific page renderer code for Android, you set the useBroker flag to true:

page.BrokerParameters = new PlatformParameters(

Then, include the parameters in the acquire token call:

AuthenticationResult result =
                new Uri(RedirectURI),
In MSAL.NET, broker support is enabled on a per-PublicClientApplication basis.

Use the WithBroker() parameter (which is set to true by default) to call broker:

var app = PublicClientApplicationBuilder

Then, in the AcquireToken call:

result = await app.AcquireTokenInteractive(scopes)

Step 2: Set an Activity

In ADAL.NET, you passed in an activity (usually the MainActivity) as part of the PlatformParameters as shown in Step 1: Enable the broker.

MSAL.NET also uses an activity, but it's not required in regular Android usage without a broker. To use the broker, set the activity to send and receive responses from broker.

Current ADAL code:MSAL counterpart:
The activity is passed into the PlatformParameters in the Android-specific platform.
page.BrokerParameters = new PlatformParameters(

In MSAL.NET, do two things to set the activity for Android:

  1. In MainActivity.cs, set the App.RootViewController to the MainActivity to ensure there's an activity with the call to the broker.

    If it's not set correctly, you may get this error: "Activity_required_for_android_broker":"Activity is null, so MSAL.NET cannot invoke the Android broker. See https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Leveraging-the-broker-on-iOS-and-Android"

  2. On the AcquireTokenInteractive call, use the .WithParentActivityOrWindow(App.RootViewController) and pass in the reference to the activity you will use. This example will use the MainActivity.

For example:

In App.cs:

   public static object RootViewController { get; set; }

In MainActivity.cs:

   LoadApplication(new App());
   App.RootViewController = this;

In the AcquireToken call:

result = await app.AcquireTokenInteractive(scopes)

Next steps

For more information about Android-specific considerations when using MSAL.NET with Xamarin, see Configuration requirements and troubleshooting tips for Xamarin Android with MSAL.NET.