Integrate your app with Azure AD

Most applications implement ways to authenticate and authorize clients on their platforms. Currently, for the internal applications, we are using the Microsoft Identity platform to standardize this configuration.

The Microsoft identity platform helps you build applications your users and customers can sign in to using their Microsoft identities or social accounts, and provide authorized access to your own APIs or Microsoft APIs like Microsoft Graph

References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview

https://docs.microsoft.com/en-us/azure/active-directory/develop/

So, the first step to starting this configuration, we need to have the app registration in Azure.

Azure App registrations are an easy and powerful way to configure authentication and authorization workflows for a variety of different client types.

Reference: https://petri.com/understanding-azure-app-registrations/

App Registration

Registering your application establishes a trusting relationship between your app and the Microsoft identity platform. The trust is unidirectional: your app trusts the Microsoft identity platform, and not the other way around.

References: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app

OAuth 2.0

OAuth2 - Authentication with Azure AD

References

References
General practice and information on Cloud (Azure)	https://dev.azure.com/transport-canada/MAACE-Solution and Data Architecture Services/_wiki/wikis/MAACE-Solution-and-Data-Architecture-Services.wiki/2351/General-practice-and-information-on-Cloud-(Azure)
Recommended abbreviations for Azure resource types	https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations