
What is the exact difference between native app and web app in Azure Active Directory

When we register an application in Azure Active Directory for using the Graph API, I see there are two types of application: Web application and Native application.

While creating a web application, two values are requested: 1. Sign-on URL and 2. App ID URL. What is the use of these values? Do we require a real-world URL, or is just https://localhost:randomePort enough?

On the other hand, while creating a Native application, I can see only one required value, 'Redirect URL'.

I can obtain an access token for the web application using a REST call:

    POST https://login.microsoftonline.com/<tenant-id>/oauth2/token

    grant_type      client_credentials
    client_id       (the client ID of the calling service application in the AD)
    client_secret   (the key configured in the calling service application in the AD)
    resource        https://graph.windows.net

But how can I obtain an access token for a native app using such a REST call? There is no client secret for a native application.

Coming to permissions: for the native app, I can see only the delegated permissions option, while for the web app I can see application permissions as well as delegated permissions.

One more thing: the above REST call example authenticates the application. How can I authenticate a user with his credentials using a REST call?

asked Oct 10 '15 13:10

sagar


1 Answer

Native applications are public clients in OAuth2 parlance. Those apps are meant to run on a device and aren't trusted to maintain a secret - hence, their entry in the directory does not have the corresponding property. Without a secret, there is no way to assert the identity of the app - hence such apps cannot gain app-level permissions, and the portal UX reflects that. Conversely, web apps are, again in OAuth2 parlance, confidential clients. They can get delegated tokens for their users, but they can also use client credentials to get tokens as themselves. Native apps can obtain tokens for the user via the OAuth2 authorization grant. You can find a complete overview of all supported topologies at https://azure.microsoft.com/en-us/documentation/articles/active-directory-authentication-scenarios/. Each scenario description points to more implementation-oriented guidance.

answered Sep 21 '22 11:09

vibronet
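
The two token requests contrasted in the answer, side by side, as an added example that is not part of the original question or answer: the web app's client-credentials request carries a secret, while the native app's authorization code exchange carries none and relies on the user's sign-in and the registered redirect URL. The `/authorize` path, the `state` check, and all IDs, the redirect URI and the code value are assumptions or constructed samples; nothing is sent over the network.

```python
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Token endpoint and resource are the ones in the question; "/authorize" on the
# same v1 endpoint is an assumption of this example.
AUTHORITY = "https://login.microsoftonline.com/{tenant}/oauth2"
RESOURCE = "https://graph.windows.net"

def confidential_token_request(client_id, client_secret):
    """Web app (confidential client): the app authenticates as itself."""
    return {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret, "resource": RESOURCE}

def authorize_url(tenant, client_id, redirect_uri):
    """Native app, step 1: URL where the user signs in. Returns (url, state)."""
    state = secrets.token_urlsafe(16)  # random value echoed back by the server
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "resource": RESOURCE,
                       "state": state})
    return AUTHORITY.format(tenant=tenant) + "/authorize?" + query, state

def code_from_redirect(redirect_url, expected_state):
    """Native app, step 2: extract the code, rejecting failed or unexpected replies."""
    params = parse_qs(urlparse(redirect_url).query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not secrets.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, response discarded")
    if "code" not in params:
        raise ValueError("no authorization code in redirect")
    return params["code"][0]

def public_token_request(client_id, code, redirect_uri):
    """Native app, step 3: redeem the code. No client_secret is sent."""
    return {"grant_type": "authorization_code", "client_id": client_id,
            "code": code, "redirect_uri": redirect_uri, "resource": RESOURCE}

if __name__ == "__main__":
    # Constructed sample values; the requests are only printed.
    redirect_uri = "http://localhost:8400/"
    url, state = authorize_url("TENANT_ID", "NATIVE_APP_ID", redirect_uri)
    reply = redirect_uri + "?" + urlencode({"code": "SAMPLE_CODE", "state": state})
    code = code_from_redirect(reply, state)
    token_url = AUTHORITY.format(tenant="TENANT_ID") + "/token"
    print("POST", token_url, urlencode(public_token_request("NATIVE_APP_ID", code, redirect_uri)))
    print("POST", token_url, urlencode(confidential_token_request("WEB_APP_ID", "SECRET")))
```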