Howdy folks,

We are one step away from releasing wave 2 of our authentication libraries for .NET!
Today we published the release candidates of both our Active Directory Authentication Library (ADAL) for .NET/Windows Store/Windows Phone and (in collaboration with our ASP.NET friends) the new OWIN middleware components for OpenId Connect and WS-Federation.

The important changes we introduced in this preview refresh are the last we plan to make before GA. The development surface you see in this release is, saved for recall class bugs, the same surface the libraries will have at release. Some highlights:

  • We updated the OWIN middleware component to address your direct feedback. For example, originally we named all properties with verbatim strings from the protocol specifications: you gave us strong feedback that the use of '_' was not in line with .NET conventions, hence we changed the product accordingly. Furthermore, we added new advanced capabilities (like token replay detection) that will come in handy when securing your applications with AD. You can read more about this release here.
  • Through its first year of existence, one of the most requested features in ADAL .NET was the ability of authenticating users via headless clients which cannot pop out a Web dialog. In this release candidate we added the ability for .NET apps to authenticate users via raw username & password and Windows integrated authentication (WIA), and for Windows Store apps to use WIA. You can read more about this feature here and here.
  • Another highly sought feature was the ability of leveraging ADAL's token cache in middle tier applications. This RC features a completely redesigned cache, which significantly reduce the amount of code you need to write on server side flows and in general makes it very easy to code custom cache implementations. See this post for details.
  • Last but not least: With this release ADAL for .NET/Windows Store/Windows Phone catches up with its iOS and Android siblings, going 100% open source! You can find the library sources in this GitHub repo.
    As an added bonus: thanks to the Visual Studio and NuGet symbol & source features, you can now access ADAL's source code directly from Visual Studio and step into it directly while debugging your apps! Head to this post for instructions on how to set that up.

We now enter the stabilization phase: please help us by giving the new libraries a spin and filing issues directly here for the OWIN components and here for ADAL.

We are very excited to be on the verge of releasing our new wave of developer libraries. The first wave unlocked the potential of Active Directory for many applications and services, inside and outside Microsoft. We hope that the extended reach and new features in this next wave will help even more people to secure their apps!

Best regards,

Alex Simons (twitter: Alex_A_Simons)
Director of Program Management
Active Directory and Protection Division