What is the definition of token?


In MSAL (Microsoft Authentication Library) and general OAuth 2.0/OpenID Connect, a token is a string that represents the authorization granted to a client to access a protected resource. Tokens are issued by an authorization server and are sent to the client in the form of a string.

There are two main types of tokens:

Access Token: is used to authenticate and authorize the client to access protected resources on the resource server. It contains information about the identity of the client and the authorization granted.

Refresh Token: is used to obtain a new access token when the current one expires. It is typically a long-lived token that is stored securely on the client.

MSAL uses these tokens to authenticate and authorize the client to access protected resources on the resource server. The client can use the access token to authenticate and authorize requests to the resource server. The client can also use the refresh token to obtain a new access token when the current one expires.

When a user signs in to an application, MSAL will acquire an access token and a refresh token from the authorization server. MSAL will then use the access token to authenticate and authorize requests to the resource server. When the access token expires, MSAL can use the refresh token to obtain a new access token without requiring the user to sign in again.

It's important to note that Access Tokens should be handled with care and kept secret, because they contain sensitive information and can be used to gain access to protected resources.


Happy PC (Programming / Configuring)

Comments

Post a Comment

Popular posts from this blog

In C# CSOM How to Delete Folders Recursively, Sub-Folders, Files in SharePoint Online Document Library

Image
In this article we will see how to delete Root folder, sub-folders, files in SharePoint Document Library.  Here I have given snippet by hardcoding (not recommended) one folder name "TestFolder1".  However you can use loop statement and iterate list of root folder names.  var clientContext = GetClientContextWithAccessToken(siteUrl, accessToken); Web web = clientContext.Web; clientContext.Load(web); clientContext.ExecuteQuery(); //Here you can add for loop with list of root folder names and iterate //Start of for loop string folderPath = "/sites/contoso5/LibraryName/ TestFolder1 "; //Pass the folder name dynamically Folder folder = clientContext.Web.GetFolderByServerRelativeUrl(folderPath); clientContext.Load(folder, folderitem => folderitem.Properties, folderitem => folderitem.Name, folderitem => folderitem.Files); clientContext.ExecuteQuery(); DeleteFolderRecursive(folder); //Call method to delete subfolders and files. folder.DeleteObject(); clientContext.E
Read more

How Get, Set, Delete Permission on SharePoint Online Site using Graph API

Image
How to get SharePoint Site ID [GET] https://graph.microsoft.com/v1.0/sites?search=contoso5 How to set SharePoint Site Permission only to selected App (AAD App reg) [POST] https://graph.microsoft.com/v1.0/sites/demotenant.sharepoint.com,4465d2n7-e7c4-40df-abfa-364106bbc502,57836gs4-b14f-4061-ba63-fdb0c2a923b6/permissions Request Body: ============ {     "roles": [         "write"     ],     "grantedToIdentities": [         {             "application": {                 "id": "3795d2n7-fa6d-4203-9076-5c8898799cb8",                 "displayName": "DemoTenantAADApp"             }         }     ] } How to get SharePoint Site Permission [GET] https://graph.microsoft.com/v1.0/sites/demotenant.sharepoint.com,4465d2n7-e7c4-40df-abfa-364106bbc502,57836gs4-b14f-4061-ba63-fdb0c2a923b6/permissions [Delete] How to Delete Selected SharePoint Site Permission https://graph.microsoft.com/v1.0/sites/demotenant.sharepoint.
Read more

What is SharePoint online default authentication method? And which credential flow it is using to authenticate?

Image
  Here I have explained SharePoint online default authentication method and which credential flow it is using to authenticate: The default authentication method for SharePoint Online is OAuth 2.0 and it uses the authorization code grant flow to authenticate users . This means that the user first logs in through an identity provider (such as Microsoft Account or Azure Active Directory) and then receives an authorization code which is then exchanged for an access token. This access token is then used to access the SharePoint Online resources on behalf of the user. Happy PC (Programming / Configuring)
Read more