What is the exact difference between native app and web app in Azure Active Directory
When we register an application in the Azure Active Directory for using graph api, I see there are two types of application Web application and Native application. While creating web application there are two values requested 1. Sign-on URL and 2. App ID url. What is the use of these values ? Do we required real world url or just https://localhost:randomePort enough ? On the other hand while creating Native application, I can see only one required value 'Redirect URL'. I can obtain access token for web application using REST call POST https://login.microsoftonline.com/<tenant-id>/oauth2/token grant_type client_credentials client_id (the client ID of the calling service application in the AD) client secret (the key configured in the calling service application in the AD) resource https://graph.windows.net But how can I obtain access token for native app using such REST call ? because there is not client secret for native appliction Coming to permissions, for the native app, I can see only delegated permissions option available while for web app I can see application permission as well as delegated permissions option. One more thing, above REST call example authenticates application, How can I authenticate user using his credential using REST call ?
Native applications are public clients in OAuth2 parlance. Those apps are meant to run on a device and aren't trusted to maintain a secret - hence, their entry in the directory does not have the corresponding property. Without a secret, there is no way to assert the identity of the app - hence such apps cannot gain app level permissions and the portal UX reflects that. Conversely web apps are, again in OAuth2 parlance, confidential clients. They can get delegated tokens for their users, but they can also use client credentials to get tokens as themselves. Native apps can obtain tokens for the user via the OAuth2 authorization grant. You can find a complete overview of all supported topologies at https://azure.microsoft.com/en-us/documentation/articles/active-directory-authentication-scenarios/. Each scenario description point to more implementation oriented guidance.
Is it possible to print from an Azure worker?
Azure AD Graph API - does not provide option to enable multifactor authentication during user creation
Publishing from Visual Studio Team Services to Azure Web Role
How do I get the name of the input blob of my Azure WebJob?
Custom domain is “not planned” for Single Sign-On in Azure Active Directory
How to authenticate multiple active directory user on single application in azure
The argument 'UploadParallelActiveTasks' is larger than maximum of '64'
NopCommerce deployment error on azure
Is there an expiration for refresh_token in Azure AD OAuth2
Issue after upgrading Sitefinity 6.3 (Windows Azure Webproject) to Sitefinity 7.0
Azure Worker Role compatibillity with .Net 4.5.2
Setup Continuous Deployment with DropBox on Windows Azure Website
Azure multiple subscriptions network
SQL DB to Mobile service Transferring Scheme
How do you access the dead letter sub-queue on an Azure subscription?
Azure Anycast for application