App Registration Auths
Notes about AZ App and code samples

App type scenarios
Web / Mobile / Single-Page App (SPA)
Web / Daemon
Who can consent
Users can consent for their data
Admin can consent for all users
Only admin can consent
Other names
Scopes
OAuth2 permissions
App roles
App-only permissions
Direct access permissions
Graph Explorer
One of the most commonly used Azure APIs is the Graph.
We can use "Graph Explorer" to sample queries
Scope
Defines the set of permissions being requested by the application. Scopes can be either static (using .default
) or dynamic. This set can include the OpenID Connect scopes (openid
, profile
, email
). If you need application permissions, you must use .default
to request the statically configured list of permissions.
Lab Example for different programming languages
To eliminate the need for App (or Client) secret, this option must be able so we can use the "UsernamePasswordCredential" auth method
Code Snippets that show "Delegated Permission" property


Grant Types
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
Last updated