Spring over navigation

MSAL iOS Swift Microsoft Graph API Sample

Services: active-directory platforms: iOS author: brandwe level: 100 client: iOS Mobile App service: Microsoft Graph

endpoint: AAD V2

Getting Started Library API Reference Support

The MSAL preview library for iOS and macOS gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. This sample demonstrates all the normal lifecycles your application should experience, including:

  • How to get a token
  • How to refresh a token
  • How to call the Microsoft Graph API
  • How to sign a user out of your application


This app is a multi-tenant app meaning it can be used by any Azure AD tenant or Microsoft Account. It demonstrates how a developer can build apps to connect with enterprise users and access their Azure + O365 data via the Microsoft Graph. During the auth flow, end users will be required to sign in and consent to the permissions of the application, and in some cases may require an admin to consent to the app. The majority of the logic in this sample shows how to auth an end user and make a basic call to the Microsoft Graph.


    if let application = try? MSALPublicClientApplication.init(clientId: <your-client-id-here>) {
        application.acquireToken(forScopes: kScopes) { (result, error) in
            if result != nil {
                    // Set up your app for the user
            } else {
    else {
            print("Unable to create application.")

Optional: Register your App

The app comes pre-configured for testing. If you would like to register your own app, please follow the steps below.

You will need to have a native client application registered with Microsoft using the App Registration Portal.

To create an app,
1. Click the Add an app on the top right of the webpage.

  1. Name your app and select Create.

    • After the app is created, you'll land on your app management page.
  2. Click Add Platform, then select Native Application.

    • The Redirect URI produced is needed when making Auth requests. If you're using MSAL, it will be automatically constructed by the library.
  3. Hit the Save button.


Load the podfile using cocoapods. This will create a new XCode Workspace you will load.

$ pod install
$ open MSALiOS.xcworkspace

Configure your application

  1. Add your application's redirect URI scheme to added in the portal to your info.plist file. It will be in the format of msal<client-id> xml <key>CFBundleURLTypes</key> <array> <dict> <key>CFBundleTypeRole</key> <string>Editor</string> <key>CFBundleURLName</key> <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string> <key>CFBundleURLSchemes</key> <array> <string>msal+your-client-id-here</string> </array> </dict> </array>

  2. Configure your application defaults

In the ViewControler.swift file, update the kClientID variable with your client ID.

    // Update the below to your client ID you received in the portal. The below is for running the demo only

    let kClientID = "<your-client-id-here>"

Feedback, Community Help, and Support

We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.

If you find and bug or have a feature request, please raise the issue on GitHub Issues.

To provide a recommendation, visit our User Voice page.


We enthusiastically welcome contributions and feedback. You can clone the repo and start contributing now. Read our Contribution Guide for more information.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Security Library

This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.x) ensures you get the latest security and feature enhanements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

Security Reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");