General - Authentication Flows with Azure AD v2

Authentication Flows with Azure AD v2

Q

What are Authentication Flows Supported by Azure AD v2.0 service?

✍: FYIcenter.com

A

Azure AD v2.0 service supports 3 Authentication Flows:

1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" containing user identity.

2. Authorization Code Flow - The Authorization Code Flow is more complex to implement. But it is more secure. Authentication is done in two calls to Azure AD service. The first call returns only an authorization "code". You need to make a second call to exchange "code" for the final "access token".

3. Hybrid Flow, also called OAuth 2.0 Multiple Response Type Encoding Practices - In the Hybrid Flow, you ask for both "id_token" and authorization "code" in the first call. This allows you to mix the Implicit Flow and Authorization Code Flow together.

Here is a diagram showing the Azure AD v2.0 Implicit Authentication Flow:
Azure AD v2.0 - Implicit Authentication Flow

Detail description of Azure AD v2.0 authentication flows can be found in article: "Application types for v2.0".

⇒ Azure AD v2 OpenID Metadata Document

⇐ Azure AD Integration v2.0

⇑ Azure AD Integration v2.0

⇑⇑ OpenID Tutorials

2021-01-09, 488👍, 0💬

Azure AD v2 OpenID Metadata Document
What is the Azure AD v2.0 OpenID Metadata Document? Azure AD v2.0 OpenID Metadata Document is an online JSON document that contains most of the information required for an app to perform sign-in. This includes information such as the URLs to use and the location of the service's public signing keys.... 2021-01-09, 512👍, 0💬

Authentication Flows with Azure AD v2
What are Authentication Flows Supported by Azure AD v2.0 service? Azure AD v2.0 service supports 3 Authentication Flows: 1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" conta... 2021-01-09, 489👍, 0💬

Azure AD v2 Sign-On Authentication Request
What is the Azure AD v2.0 Sign-On Authentication Request? Before deciding which Azure AD v2.0 authentication flow you want to implement in your Web application, you need to have a good understanding of the Azure AD v2.0 Sign-on authentication request, which is the first call you have to make in any ... 2021-01-09, 467👍, 0💬

Azure AD Integration Versions 1 and 2
What are differences of v1.0 and v2.0 of Azure AD Integration? The main difference between v1.0 and v2.0 of Azure AD Integration is who can sign in to your application: Azure AD v1.0 allows only work and school accounts to sign in to your application. Azure AD v2.0 allows work and school accounts fr... 2021-01-09, 460👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.