Authentication Flows with Azure AD v1

Q

What are Authentication Flows Supported by Azure AD v1.0 service?

✍: FYIcenter.com

A

Azure AD v1.0 service supports 3 Authentication Flows:

1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" containing user identity.

2. Authorization Code Flow - The Authorization Code Flow is more complex to implement. But it is more secure. Authentication is done in two calls to Azure AD service. The first call returns only an authorization "code". You need to make a second call to exchange "code" for the final "access token".

3. Hybrid Flow, also called OAuth 2.0 Multiple Response Type Encoding Practices - In the Hybrid Flow, you ask for both "id_token" and authorization "code" in the first call. This allows you to mix the Implicit Flow and Authorization Code Flow together.

All above 3 Authentication Flows are summarized in a single diagram shown below:

Detail description of Azure AD v1 authentication flows can be found in article: "Authorize access to web applications using OpenID Connect and Azure Active Directory".

⇒ Azure AD v1 OpenID Metadata Document

⇐ Azure AD Integration v1.0

⇑ Azure AD Integration v1.0

⇑⇑ OpenID Tutorials

2022-05-05, 1280👍, 0💬

Azure AD v1 OpenID Metadata Document
What is the Azure AD v1.0 OpenID Metadata Document? Azure AD v1.0 OpenID Metadata Document is an online JSON document that contains most of the information required for an app to perform sign-in. This includes information such as the URLs to use and the location of the service's public signing keys.... 2022-05-05, 2364👍, 0💬

Authentication Flows with Azure AD v1
What are Authentication Flows Supported by Azure AD v1.0 service? Azure AD v1.0 service supports 3 Authentication Flows: 1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" conta... 2022-05-05, 1281👍, 0💬

Integration with Azure Active Directory
Where to find tutorials on Integration with Azure Active Directory. Here is a list of tutorials to answer many frequently asked questions compiled by FYIcenter.com team on Integration with Azure Active Directory. What Is Azure Active Directory Azure AD, B2B and B2C Get Application ID from Azure AD A... 2021-06-20, 1100👍, 0💬

Application ID Settings on Azure AD
What settings are associated an application ID on Azure AD? Once you Website is registered on Azure AD with an Application ID, you can open and modify its settings described below: 1. Sign in to the Azure portal with admin permissions. 2. Go back to "Azure Active Directory > default directory... 2022-05-05, 1089👍, 0💬

Azure AD v1 Sign-On Authentication Request
What is the Azure AD v1.0 Sign-On Authentication Request? Before deciding which Azure AD v1.0 authentication flow you want to implement in your Web application, you need to have a good understanding of the Azure AD sign-on authentication request, which is the first call you have to make in any authe... 2022-05-05, 1058👍, 0💬

Azure AD, B2B and B2C
What are differences between Azure AD, B2B and B2C? Azure AD actually offers 3 different services: Azure AD - Provide authentication services to users in your own organization. Azure AD B2B - Provide authentication services to users in your own organizations and your external partner organizations. ... 2021-06-20, 1049👍, 0💬

Initiate Azure AD v1 Authentication Request
How to initiate Azure AD v1.0 Sign-On Authentication Request? The Azure AD Sign-On v1.0 Authentication Request must be initiated from the end user's Web browser, because the Azure AD service needs to communicate with the Web browser to make sure that the end user is signed on to an AD (Active Direct... 2022-05-05, 1035👍, 0💬

Process Azure AD v1 Authentication Request
How to the Azure AD v1.0 Sign-On Authentication Request is process by Azure AD service? When Azure AD v1.0 service receives a Sign-On Authentication Request from an end user's Web browser, it will: Verify if the "client_id" value in the request is valid. If not, display an error message page to the ... 2022-05-01, 1000👍, 0💬

Authentication Response Received from Azure AD v1
How to process the authentication response received from Azure AD v1.0 service after sending a sign-on authentication request? After Azure AD v1.0 service receives a sign-on authentication request from the end user's Web browser, it will process the request and redirect the Web browser to the "redir... 2022-05-01, 984👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.