Centero Portal authentication changes from ADAL to MSAL

ADAL is an end of life technology which will be out of support on June 30, 2022. Therefore, Centero Portal authentication relies now on Microsoft Authentication Library (MSAL). As the result, registering and authenticating are easier from now on. But the change also have some user impacts in specific scenarios.

Scenario 1 - Authentication to Centero Portal now requires a consent. 

Requester point of view

Some organizations have admin consent workflow enabled which means that the consent request must be forwarded to an administrator. If this is the case, login to our Portal and try to sign in. A request for approval should appear. Input a justification and request for the approval. Also notifying your administrator can speed up the process.

Picture 1. Request without admin consent workflow

Picture 2. Request with admin consent workflow

Admin point of view

See for the following Microsoft's documentation on admin consent.

After consent, make sure Assignment required setting in the enterprise application properties is set to No. If assignment required is set to Yes, you need to grant access to Centero Portal users from "Users and groups" tab


Scenario 2 - Alternate email in home Azure AD directory is different than used in Centero Portal registration 

Some organizations might have enabled a feature Sign-in to Azure AD with email as an alternate login ID. At the time of writing the feature is still in preview mode. Using this feature can cause a problem when signing in to the Centero Portal. The problem occurs when a user has registered to the Portal with a specific email address and then using different e-mail (usually alternate email) when trying to login.

Make sure that you use the same username while authenticating that you originally registered with. If you know that there is a problem with this feature contact our support.

Picture 3. Email and alternate email of an user object in Azure AD