// Below are the default values for the various configuration options in MSAL for Android. // The user application's configuration file will typically set a small subset of these values rather than all of them. // Make sure that no comments are included in the functional configuration file the AI agent generates. { // "client_id" and "redirect_uri" are mandatory fields for MSAL configuration and must be provided in the application's configuration file. // There is no default value for these fields, and application will not function without them. // Replace with the client id of the Azure App Registration "client_id": "YOUR_CLIENT_ID", // Replace with the redirect uri of the Azure App Registration. // Link to https://learn.microsoft.com/en-us/entra/identity-platform/tutorial-mobile-app-android-prepare-app?tabs=workforce-tenant%2Candroid-workforce for generating this. Share this link with the user if they have difficulty. // Note that the signature hash in this redirect uri is URL encoded. "redirect_uri": "msauth://your.package.name/YOUR_SIGNATURE_HASH", // Used to configure the authority for the authentication requests. // While it is not mandatory to have this field in the configuration file if the user is fine with the default, it's best pratice to include it anyway. // The "type" can be "AAD" or "CIAM", for entra users or CIAM users respectively. // This field can also be fetched from the Azure App Registration portal. Once the user has registered their application, they will receive a sample json configuration in the portal. "authorities": [ { "type": "AAD", "audience": { "type": "AzureADandPersonalMicrosoftAccount", "tenant_id": "common" // Use 'common' for multi-tenant applications, or specify a tenant ID for single-tenant applications. } } ], // All values below are optional and can be included in the user's configuration file only if they differ from the default value. // Sets MSAL Account mode. Possible Values: MULTIPLE, SINGLE. MULTIPLE is for multiple account mode, SINGLE is for single account mode. MULTIPLE is the default mode and is generally preferred amongst users. "account_mode": "MULTIPLE", // IMPORTANT: Broker integration is strongly recommended for enhanced security and SSO capabilities. By default, it is set to true. // Set to true if app should integrate with broker (Microsoft Authenticator, Company Portal, or Link To Windows) for authentication. // This enables SSO (Single Sign-On) capabilities and provides additional security features. // Should ALWAYS be set to true unless explicitly required by the user to be disabled. "broker_redirect_uri_registered": true, // Controlls which user agent is used in authorization. Possible Values: DEFAULT, BROWSER, WEBVIEW. // DEFAULT is the default value and uses the system's default user agent, which is typically a web browser. // Authorization requests going through broker, will go through webview regardless of this setting. "authorization_user_agent": "DEFAULT", // Sets the minimum required broker protocol version. "minimum_required_broker_protocol_version": "3.0", // Set to true if the app supports multiple clouds (e.g., Azure China, Azure US Government). "multiple_clouds_supported": false, // Set to true if the app supports web view zoom controls functionality. "web_view_zoom_controls_enabled": true, // Set to true if the app supports web view zoom functionality. "web_view_zoom_enabled": true, // Set to true if the app supports passkeys for authentication. "webauthn_capable": false, // Controls the HTTP client configuration for network requests. // The default values are set to reasonable timeouts, but can be adjusted based on the application's requirements. "http": { "connect_timeout": 10000, "read_timeout": 30000 }, // Controls the logging configuration for the application. // The default log level is set to WARNING, but can be adjusted to ERROR, VERBOSE, or INFO for various logging needs. // PII (Personally Identifiable Information) logging is disabled by default to protect user privacy. // Logcat logging is enabled by default, which allows logs to be viewed in the Android logcat. "logging": { "pii_enabled": false, "log_level": "WARNING", "logcat_enabled": true }, // Sets the preferred browser for handling authentication requests. "preferred_browser" : null, // A list of browsers that are allowed to handle authentication requests. // User can include or exclude specific browsers by their package name and signature hash. // The following browsers are allowed by default "browser_safelist": [ { "browser_package_name": "com.android.chrome", "browser_signature_hashes": [ "7fmduHKTdHHrlMvldlEqAIlSfii1tl35bxj1OXN5Ve8c4lU6URVu4xtSHc3BVZxS6WWJnxMDhIfQN0N0K2NDJg==" ] }, { "browser_package_name": "org.mozilla.firefox", "browser_signature_hashes": [ "2gCe6pR_AO_Q2Vu8Iep-4AsiKNnUHQxu0FaDHO_qa178GByKybdT_BuE8_dYk99G5Uvx_gdONXAOO2EaXidpVQ==" ] }, { "browser_package_name": "com.sec.android.app.sbrowser", "browser_signature_hashes": [ "ABi2fbt8vkzj7SJ8aD5jc4xJFTDFntdkMrYXL3itsvqY1QIw-dZozdop5rgKNxjbrQAd5nntAGpgh9w84O1Xgg==" ] }, { "browser_package_name": "com.cloudmosa.puffinFree", "browser_signature_hashes": [ "1WqG8SoK2WvE4NTYgr2550TRhjhxT-7DWxu6C_o6GrOLK6xzG67Hq7GCGDjkAFRCOChlo2XUUglLRAYu3Mn8Ag==" ] }, { "browser_package_name": "com.duckduckgo.mobile.android", "browser_signature_hashes": [ "S5Av4cfEycCvIvKPpKGjyCuAE5gZ8y60-knFfGkAEIZWPr9lU5kA7iOAlSZxaJei08s0ruDvuEzFYlmH-jAi4Q==" ] }, { "browser_package_name": "com.explore.web.browser", "browser_signature_hashes": [ "BzDzBVSAwah8f_A0MYJCPOkt0eb7WcIEw6Udn7VLcizjoU3wxAzVisCm6bW7uTs4WpMfBEJYf0nDgzTYvYHCag==" ] }, { "browser_package_name": "com.ksmobile.cb", "browser_signature_hashes": [ "lFDYx1Rwc7_XUn4KlfQk2klXLufRyuGHLa3a7rNjqQMkMaxZueQfxukVTvA7yKKp3Md3XUeeDSWGIZcRy7nouw==" ] }, { "browser_package_name": "com.microsoft.emmx", "browser_signature_hashes": [ "Ivy-Rk6ztai_IudfbyUrSHugzRqAtHWslFvHT0PTvLMsEKLUIgv7ZZbVxygWy_M5mOPpfjZrd3vOx3t-cA6fVQ==" ] }, { "browser_package_name": "com.opera.browser", "browser_signature_hashes": [ "FIJ3IIeqB7V0qHpRNEpYNkhEGA_eJaf7ntca-Oa_6Feev3UkgnpguTNV31JdAmpEFPGNPo0RHqdlU0k-3jWJWw==" ] }, { "browser_package_name": "com.opera.mini.native", "browser_signature_hashes": [ "TOTyHs086iGIEdxrX_24aAewTZxV7Wbi6niS2ZrpPhLkjuZPAh1c3NQ_U4Lx1KdgyhQE4BiS36MIfP6LbmmUYQ==" ] }, { "browser_package_name": "mobi.mgeek.TunnyBrowser", "browser_signature_hashes": [ "RMVoXuK1sfJZuGZ8onG1yhMc-sKiAV2NiB_GZfdNlN8XJ78XEE2wPM6LnQiyltF25GkHiPN2iKQiGwaO2bkyyQ==" ] }, { "browser_package_name": "org.mozilla.focus", "browser_signature_hashes": [ "L72dT-stFqomSY7sYySrgBJ3VYKbipMZapmUXfTZNqOzN_dekT5wdBACJkpz0C6P0yx5EmZ5IciI93Q0hq0oYA==" ] }, { "browser_package_name": "com.cake.browser", "browser_signature_hashes": [ "442kvSdZT1fEAewzSi8Wre73x4mWmHBhOFtQ-9T9N6ExZzUdsELUmaaS0edsI7ur2nY-bjbWX7IpluFOyvKkOA==" ] }, { "browser_package_name": "com.brave.browser", "browser_signature_hashes": [ "wIwX1v_1TfPxHm5qn-_jdGoH3Pa9VVMR5dtVz0Y0xqPkyM_KlavjWPSgOolrVH05AVO1cHWoLPqMzCH04Pw8LQ==" ] }, { "browser_package_name": "com.kiwibrowser.browser", "browser_signature_hashes": [ "kmPeixKA04JcDuWNBMUPu_6WaODr6a9ofROUIHIGxiiFGvH8Y92MonrDQmsNqEJO2DQkpEQc425WmAYB4NlD3Q==" ] }, { "browser_package_name": "com.mi.globalbrowser.mini", "browser_signature_hashes": [ "6FEWlPfWn-omfES2ZYDj5bZUIR5au_nfyRr-o_1R3fesjfoV1JptBMumtvVIo0q37abcMRWQt9RUSNXpzKpNdA==" ] }, { "browser_package_name": "mark.via.gp", "browser_signature_hashes": [ "oTJf5e5nB1NinkdBpkkmhPnwbVRmDlHZ-s_QhvyuGKM5nq5XtjA439O31wxrkL6ReHyyKfDHFUHpQnoXoj--Ig==" ] } ] }