![]() ![]() Public client applications are apps that run on devices or desktop computers or in a web browser. The client ID is exposed through the web browser, but the secret is passed only in the back channel and never directly exposed. A web app is the most common confidential client. These values are difficult for end users to extract. Each instance of the client has a distinct configuration (including client ID and client secret). Confidential clients can hold configuration-time secrets. They're considered difficult to access, and for that reason can keep an application secret. In contrast, Azure Active Directory Authentication Library (ADAL) uses what's called authentication context (which is a connection to Azure Active Directory).Ĭonfidential client applications are apps that run on servers (web apps, web API apps, or even service/daemon apps). The two client types are distinguished by their ability to authenticate securely with the authorization server and maintain the confidentiality of their client credentials. The Microsoft Authentication Library (MSAL) defines two types of clients: public clients and confidential clients. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |