OAuth 2.0 authorization with Microsoft Entra ID - Microsoft Entra (2024)

  • Article

The Open Authorization (OAuth) 2.0 is the industry protocol for authorization. It allows a user to grant limited access to its protected resources. Designed to work specifically with Hypertext Transfer Protocol (HTTP), OAuth separates the role of the client from the resource owner. The client requests access to the resources controlled by the resource owner and hosted by the resource server. The resource server issues access tokens with the approval of the resource owner. The client uses the access tokens to access the protected resources hosted by the resource server.

OAuth 2.0 is directly related to OpenID Connect (OIDC). Since OIDC is an authentication and authorization layer built on top of OAuth 2.0, it isn't backward compatible with OAuth 1.0. Microsoft Entra ID supports all OAuth 2.0 flows.

Use for:

Rich client and modern app scenarios and RESTful web API access.

OAuth 2.0 authorization with Microsoft Entra ID - Microsoft Entra (1)

Components of system

  • User: Requests a service from the web application (app). The user is typically the resource owner who owns the data and has the power to allow clients to access the data or resource.

  • Web browser: The web browser that the user interacts with is the OAuth client.

  • Web app: The web app, or resource server, is where the resource or data resides. It trusts the authorization server to securely authenticate and authorize the OAuth client.

  • Microsoft Entra ID: Microsoft Entra ID is the authentication server, also known as the Identity Provider (IdP). It securely handles anything to do with the user's information, their access, and the trust relationship. It's responsible for issuing the tokens that grant and revoke access to resources.

Implement OAuth 2.0 with Microsoft Entra ID

OAuth 2.0 authorization with Microsoft Entra ID - Microsoft Entra (2024)
Top Articles
Latest Posts
Article information

Author: Saturnina Altenwerth DVM

Last Updated:

Views: 5711

Rating: 4.3 / 5 (64 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Saturnina Altenwerth DVM

Birthday: 1992-08-21

Address: Apt. 237 662 Haag Mills, East Verenaport, MO 57071-5493

Phone: +331850833384

Job: District Real-Estate Architect

Hobby: Skateboarding, Taxidermy, Air sports, Painting, Knife making, Letterboxing, Inline skating

Introduction: My name is Saturnina Altenwerth DVM, I am a witty, perfect, combative, beautiful, determined, fancy, determined person who loves writing and wants to share my knowledge and understanding with you.