Some example scope values for different resources: When your application needs to request an access token with specific permissions for a resource API, pass the scopes containing the app ID URI of the API in the format /. For more information, see Scopes for a v1.0 application. It's also possible in MSAL to access v1.0 resources. Well-known scopes are the Microsoft Graph permissions. The scopes parameter is a list of strings that declare the desired permissions and the resources requested. Several of MSAL's token acquisition methods require a scopes parameter. Based on the web API's configuration of the token version it accepts, the v2.0 endpoint returns the access token to MSAL.
v2.0 protocol uses scopes instead of resource in the requests. MSAL allows you to get tokens to access Azure AD for developers (v1.0) and the Microsoft identity platform APIs. Client applications request the user's consent for these scopes when making authentication requests to get tokens to access the web APIs. Scopes are the permissions that a web API exposes that client applications can request access to. This doesn't remove the session cookie that's in the browser, however. You can also clear the token cache, which is achieved by removing the accounts from the cache. Your application code should first try to get a token silently from the cache before attempting to acquire a token by other means.
MSAL caches a token after it's been acquired. In general, the method used for acquiring a token depends on whether the application is a public client application like desktop or mobile app, or a confidential client application like web app, web API, or daemon application. Some require user interaction through a web browser, while others don't require user interaction. There are several ways to acquire a token by using the Microsoft Authentication Library (MSAL). Access tokens enable clients to securely call web APIs protected by Azure.
0 kommentar(er)
