Hello,
I would like to have MSAL login fully working in a Developer ID signed macOS application.
I am using the following library for adding MSAL support to my macOS app: https://github.com/AzureAD/microsoft-authentication-library-for-objc
The MSAL login (even silent login via the MSAL broker) works fully via my company Entra ID when I run and test my local dev build.
But when I build, sign and notarize my application with a company Developer ID signature, the login fails, and I see keychain-access-related issues in the MSAL library log entries.
The MSAL library requires the following keychain access groups to be enabled:
<string>$(AppIdentifierPrefix)com.company.app.bundle.id</string>
<string>$(AppIdentifierPrefix)com.microsoft.identity.universalstorage</string>
The above requirement is confirmed under these links: https://learn.microsoft.com/en-us/entra/msal/objc/howto-v2-keychain-objc?tabs=objc and also in their sample app: https://github.com/AzureAD/microsoft-authentication-library-for-objc/blob/410256714ee0489d212c0cbd8772259a69e7d862/MSAL/test/app/mac/MSALMacTestApp.entitlements#L18
The problem seems to be that access to such keychain access groups cannot be configured for Developer ID signed applications.
Would it be possible to enable such Keychain Access groups somehow for a Developer ID signed application?
Thank you for any help in advance!
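
An added example, not part of the original post and not MSAL or Apple code: a check that compares the entitlements actually embedded in a signed build (the plist that `codesign -d --entitlements` prints) with the two keychain access groups listed in the post. The function name, the team prefix `ABCDE12345.` and the sample plists are constructed for illustration; the bundle ID is the post's placeholder.

```python
import plistlib

# Group the post says MSAL needs in addition to the app's own bundle ID group.
MSAL_SHARED_GROUP = "com.microsoft.identity.universalstorage"
PREFIX_VARIABLE = "$(AppIdentifierPrefix)"  # Xcode build variable, must not survive signing
BUNDLE_ID = "com.company.app.bundle.id"     # placeholder bundle ID from the post


def check_keychain_groups(entitlements_xml, bundle_id):
    """Return a list of problems found in a signed app's entitlements plist."""
    try:
        entitlements = plistlib.loads(entitlements_xml)
    except Exception as exc:  # empty or malformed plist
        return [f"entitlements could not be parsed: {exc}"]
    if not isinstance(entitlements, dict):
        return ["entitlements plist is not a dictionary"]

    groups = entitlements.get("keychain-access-groups")
    if not isinstance(groups, list) or not groups:
        return ["keychain-access-groups is absent from the signature"]

    problems = []
    for required in (bundle_id, MSAL_SHARED_GROUP):
        # Whatever precedes the required suffix is the identifier prefix.
        prefixes = [g[: -len(required)] for g in groups
                    if isinstance(g, str) and g.endswith(required)]
        if not prefixes:
            problems.append(f"{required}: group is missing")
        elif PREFIX_VARIABLE in prefixes:
            problems.append(f"{required}: {PREFIX_VARIABLE} was not expanded")
        elif not any(len(p) > 1 and p.endswith(".") for p in prefixes):
            problems.append(f"{required}: group has no identifier prefix")
    return problems


# Constructed samples: a complete build, one signed without the groups,
# and one where the build variable was left unexpanded.
SAMPLE_GOOD = plistlib.dumps({"keychain-access-groups": [
    "ABCDE12345." + BUNDLE_ID, "ABCDE12345." + MSAL_SHARED_GROUP]})
SAMPLE_STRIPPED = plistlib.dumps({"com.apple.security.app-sandbox": True})
SAMPLE_UNEXPANDED = plistlib.dumps({"keychain-access-groups": [
    "ABCDE12345." + BUNDLE_ID, PREFIX_VARIABLE + MSAL_SHARED_GROUP]})

if __name__ == "__main__":
    for name, sample in [("good", SAMPLE_GOOD), ("stripped", SAMPLE_STRIPPED),
                         ("unexpanded", SAMPLE_UNEXPANDED)]:
        print(name, check_keychain_groups(sample, BUNDLE_ID) or "ok")
```

Running the same check on the local dev build and on the Developer ID build shows whether the two signatures differ in the groups they carry.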