![]() ![]() The OAuth 2.0 authorization code flow is described in section 4.1 of the OAuth 2.0 specification. Standard (server-based) web application.Use the auth code flow paired with Proof Key for Code Exchange (PKCE) and OpenID Connect (OIDC) to get access tokens and ID tokens in these types of apps: Applications that support the auth code flow ![]() Instead, use a Microsoft-built and supported authentication library to get security tokens and call protected web APIs in your apps. This article describes low-level protocol details usually required only when manually crafting and issuing raw HTTP requests to execute the flow, which we do not recommend. For example, a web browser, desktop, or mobile application operated by a user to sign in to your app and access their data. The auth code flow requires a user-agent that supports redirection from the authorization server (the Microsoft identity platform) back to your application. The OAuth 2.0 authorization code grant type, or auth code flow, enables a client application to obtain authorized access to protected resources like web APIs. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
May 2023
Categories |