Skip to content

CSA-OCP-GER/aad-identity-for-developers

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

aad-identity-for-developers

This repository gives several examples on how to integrate your your applications with Azure Active Directory.

Prerequisites

Challenges

OpenID Connect (OIDC)

OAuth 2.0 Code Grant Flow

OAuth 2.0 Implicit Grant Flow

Advanced challenges

Quick Terminology Refreshers

  • OAuth 2.0 - an open standard for access delegation with a focus on authorization - "Allows apps or services to make (restricted) API calls to other services without needing the password of the user"
  • OpenID Connect (OIDC) - An identity layer built on top of OAuth 2.0 for authentication - "Allows apps or services to know who the user is and authenticate him/her, including basic profile information"
  • ID Token - used to authenticate the user, contain basic profile information
  • Access Token - used to access protected resource via APIs on behalf of the user
  • Refresh Token - used to request new access token once they are expired
  • Authorization Server - issues access and refresh tokens, given the identity of the user
  • Scopes - delegated permission to protected resources to limit delegated access for applications
  • Consent - given by the user to accept the requested scopes
  • Resource Server - stores the resource owner's data
  • Resource Owner - own a specific piece of data (e.g., emails, contacts, etc.)

Authors