Tools, FAQ, Tutorials:
Authentication Flows with Azure AD v2
What are Authentication Flows Supported by Azure AD v2.0 service?
✍: FYIcenter.com
Azure AD v2.0 service supports 3 Authentication Flows:
1. Implicit Flow - The Implicit Flow is simple to implement. But it is less secure. Authentication is done in a single call to Azure AD service, which returns the "id_token" containing user identity.
2. Authorization Code Flow - The Authorization Code Flow is more complex to implement. But it is more secure. Authentication is done in two calls to Azure AD service. The first call returns only an authorization "code". You need to make a second call to exchange "code" for the final "access token".
3. Hybrid Flow, also called OAuth 2.0 Multiple Response Type Encoding Practices - In the Hybrid Flow, you ask for both "id_token" and authorization "code" in the first call. This allows you to mix the Implicit Flow and Authorization Code Flow together.
Here is a diagram showing the Azure AD v2.0 Implicit Authentication Flow:
Detail description of Azure AD v2.0 authentication flows can be found in article: "Application types for v2.0".
Â
⇒ Azure AD v2 OpenID Metadata Document
⇑⇑ OpenID Tutorials
2021-01-09, 980👍, 0💬
Popular Posts:
How to use the API operation 2017 version setting "Rewrite URL template"? The API operation setting ...
How to add a new operation to an API on the Publisher Portal of an Azure API Management Service 2017...
How to add images to my EPUB books Images can be added into book content using the XHTML "img" eleme...
How to use the "send-one-way-request" Policy statement to call an extra web service for an Azure API...
How to detect errors occurred in the json_decode() call? You can use the following two functions to ...