V2 endpoint has limited API support and requires v1 for legacy protocols

7/10 High

The Azure AD v2 endpoint only supports OpenID Connect and OAuth, excluding older protocols like SAML and WS-Federation. Additionally, only a small set of APIs are accessible (own API, Outlook, Microsoft Graph), requiring fallback to v1 endpoint for other APIs. No migration path exists for v1 applications.

Azure AD v2MSALSAMLWS-FederationOAuth
Category
compatibility
Workaround
none
Stage
onboarding
Freshness
persistent
Scope
framework
Upstream
open
Recurring
Yes
Buyer Type
enterprise
Maintainer
active

Sources

Collection History

Query: “What are the most common pain points with MSAL for developers in 2025?4/7/2026

Perhaps the biggest limitation currently is the rather small set of APIs that apps can use... If you want to use any other API, then currently your only option is to use the v1 endpoint... The v2 endpoint only supports the OpenID Connect and OAuth protocols... SAML and WS-Federation are protocols used by primarily older applications and were supported in the v1 endpoint, but are not supported in v2 (not yet at least).

Created: 4/7/2026Updated: 4/7/2026