Skip to the content.

Authentication Provider

Objective

The AuthenticationProvider is an implementation of a public interface that is used as an adapter to a external authentication library. The goal is to simplify the set of options provided by the OAuth2 library by limiting the functionality to just capabilities available on the Graph.

Graph Requirements

National Cloud Endpoints

Country Authorization Server
China https://login.chinacloudapi.cn
Germany https://login.microsoftonline.de
US Government https://login.microsoftonline.us
Global service (default) https://login.microsoftonline.com

Supported Flows

Interactive Authentication Provider

Shows a UI popup provided by the Auth Server

UsernamePassword Authentication Provider

Passes username/password over the wire to the AuthServer

IntegratedWindows Authentication Provider

Grabs credentials from the OS

DeviceCode Authentication Provider

Outputs a code that needs to be manually entered in a web form at a designated URL.

Scenarios

Multi-User

Multi-provider

Cloud Discovery

App asks user for email We call OpenIdConnect discovery endpoint and identify Auth Server/TokenServer Pass that to the “ClientApplication”

PerSession Provider

PerRequest Provider

Confidential Client

Public Client Application

= Per Session Config

OAuth2 Library Requirements

Security Requirements

Performance Requirements