Support MacCatalyst

[SameerK-MSFT]

Support MacCatalyst in the library

[SameerK-MSFT]

Support MacCatalyst in the Library

[bgavrilMS]

Please add BUG or Feature Request tags on work items. Also, please update the Effort number.

[SameerK-MSFT]

MacCatalyst does not support existing file based keychain access. To switch to Data Protection based access, it may require coordination with other teams. Started the communication. Ref

[bgavrilMS]

Ack, dropping this for now as it requires extensive work and collab with MSAL.ObjC team on KeyChain APIs and config.

[SophisticatedConsulting]

Please prioritise MacCatalyst support and MAUI support in general. MS is pushing MAUI but this does not seem to be fully aligned across MS.

[bgavrilMS]

CC @oldalton

[pmaytak]

If I remember the original issue was that a maui maccatalyst project ended up using ios MSAL target, which broke in the keychain code. Can the existing Xamarin Mac code not work for MacCatalyst target?

[bgavrilMS]

Root cause for not supporting MacCatalyst - https://github.com/AzureAD/microsoft-authentication-library-for-objc/issues/649

Basically we're not sure how to store the token cache so that it doesn't break future scenarios. Blocked until this is figured out by MSAL-ObjC team.

[MSicc]

any news on this?

[bgavrilMS]

We do not plan to support Mac Catalyst in the foreseeable future. Please upvote for this feature to understand interest.

[bgavrilMS]

@EddieLukeAtmey - this repo is for MSAL.NET. I believe your query is about MSAL ObjC (which also does not support MacCatalyst)

[EddieLukeAtmey]

Sorry for bothering you. I've deleted the comment and moved it to the MSAL ObjC Repo.

[charlesroddie]

This issue is currently tied up with a small Microsoft bureaucracy that don't seem to be aware of broader Microsoft cross platform products and strategy let alone customer needs. The objective C linked issue:

• Has been discussing this for 3 years: https://github.com/AzureAD/microsoft-authentication-library-for-objc/issues/649
• Is said to be blocked on some feature related to mobile device management where the "iOS-style keychain" is said to be inadequate for Mac, despite the facts that MDM is a niche issue affecting a minority of users compared to the ability to log in to an app, and despite the fact that "iOS-style keychain" is adequate for authentication on iOS and if it's adequate for iOS it must be adequate for authentication on Mac.
• A workaround is found by a user (remove && !TARGET_OS_MACCATALYST)) https://github.com/AzureAD/microsoft-authentication-library-for-objc/issues/649#issuecomment-784106303 but discouraged as "such a workaround is not encouraged, since not all of the scenarios would work without an official code-level support from our side".
• Closed this as unplanned https://github.com/AzureAD/microsoft-authentication-library-for-objc/issues/649#issuecomment-1428866420

Overall the organization in charge of that repo has programmers involved but seems unable to make high level decisions. Most likely the org needs to be bypassed in some way or an appeal to some part of Microsoft that can make a decision needs to be made. It appears that the org is deliberately blocking support of mac catalyst (via the text && !TARGET_OS_MACCATALYST) as they believe that if the library cannot be used by developers who need special conditional access features for mac, it should not be used by anyone.

I think this repo should fork https://github.com/AzureAD/microsoft-authentication-library-for-objc , remove && !TARGET_OS_MACCATALYST as described in the workaround, and test. Very likely that will get MSAL working on maccatalyst in exactly the way it works on iOS.

[kyurkchyan]

We bumped over this issue while migrating our existing app to Maui. It's a shame that, as @charlesroddie mentioned, Microsoft is pushing a cross-platform technology, but the ecosystem is not there to support the full utilization of cross-platform capabilities.

[bgavrilMS]

While MSAL .NET doesn't support Mac Catalyst, app developers do have the option of using extensibility points to achieve this.

Serialize the cache to KeyChain

https://learn.microsoft.com/en-us/entra/msal/dotnet/how-to/token-cache-serialization?tabs=custom

Pop up a Web Browser

https://learn.microsoft.com/en-us/entra/identity-platform/scenario-desktop-acquire-token-interactive?tabs=dotnet#withcustomwebui

for iOS the MSAL's system browser code is here: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/main/src/client/Microsoft.Identity.Client/Platforms/iOS/SystemWebview/SystemWebUI.cs

[cconner100]

So is there any examples of how this will all work on a mac catalyst system? Thanks for the pointers but an example of how to do this with AZB2C would be nice

[bengavin]

@bgavrilMS adding another voice in support of getting proper MacCatalyst support out of the box for MAUI. I'm uncertain why this is such a hang-up, we have data stored in the keychain via the SecureStorage libraries in .NET 8 MAUI, so that seems like a solved problem. Do we have any vision into the 'when' of getting this landed in the OOB library?