Tools, FAQ, Tutorials:
Authentication Flows with Azure AD v1
What are Authentication Flows Supported by Azure AD v1.0 service?
✍: FYIcenter.com
Azure AD v1.0 service supports 3 Authentication Flows:
1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" containing user identity.
2. Authorization Code Flow - The Authorization Code Flow is more complex to implement. But it is more secure. Authentication is done in two calls to Azure AD service. The first call returns only an authorization "code". You need to make a second call to exchange "code" for the final "access token".
3. Hybrid Flow, also called OAuth 2.0 Multiple Response Type Encoding Practices - In the Hybrid Flow, you ask for both "id_token" and authorization "code" in the first call. This allows you to mix the Implicit Flow and Authorization Code Flow together.
All above 3 Authentication Flows are summarized in
a single diagram shown below:
Detail description of Azure AD v1 authentication flows can be found in article: "Authorize access to web applications using OpenID Connect and Azure Active Directory".
Â
⇒ Azure AD v1 OpenID Metadata Document
⇑⇑ OpenID Tutorials
2022-05-05, 1058👍, 0💬
Popular Posts:
What is the "__init__()" class method? The "__init__()" class method is a special method that will b...
How to login to Azure API Management Publisher Dashboard? If you have given access permission to an ...
How to use the "send-request" Policy statement to call an extra web service for an Azure API service...
Can You Specify the "new line" Character in Single-Quoted Strings? You can not specify the "new line...
Can You Add Values to an Array without Keys in PHP? Can You Add Values to an Array with a Key? The a...