AzureAD
MSAL Config Preferred Browser Only Takes a Single Browser. Make it Multiple.
context When a user uses a passkey to login with MSAL, it fails with Firefox as Firefox does not support FIDO2/Passkeys.
Problem Within the MSAL Configuration, you can set a preferred browser but you can only set a single one.
Let's say a user's device has Google Chrome, Brave Browser and Firefox installed with Firefox as their default browser. If the preferred browser is set to Google Chrome then there's no problem here. However, if the user does not have Google Chrome installed but only has Firefox (default browser) and Brave Browser installed then it would use Firefox since Brave Browser was not set as the preferred browser in the MSAL configuration.
Describe the solution you'd like Allow multiple preferred browsers to be configured in MSAL config
Describe alternatives you've considered N/A
Hello, thanks for bringing this to our attention. We do have a configuration setting for setting a safelist of browsers. Please reference this configuration file https://github.com/AzureAD/microsoft-authentication-library-for-android/blob/dev/msal/src/main/res/raw/msal_default_config.json, and you can override the field in your configuration file with the same list, but remove Firefox. This will make it so MSAL will not route auth requests through firefox. Let us know if that is a satisfactory solution.
That doesn't work.
Due to this line of code, which I have linked here: https://github.com/AzureAD/microsoft-authentication-library-for-android/blob/960bc92c9dd6f4cd2fe4574558eadde6e46d8148/msal/src/main/java/com/microsoft/identity/client/PublicClientApplicationConfiguration.java#L505
The line above means that the new browser safe list just gets added to the default browser safe list. It should be overwriting what's within the default browse safe list. This means browsers that I don't want to be used, e.g. Firefox, will never be removed from the final list of browsers.
You need to add a capability to completely override the browser safe list.