{"id":1926,"date":"2019-02-27T14:03:15","date_gmt":"2019-02-27T13:03:15","guid":{"rendered":"https:\/\/solidt.eu\/site\/?p=1926"},"modified":"2022-02-21T16:43:55","modified_gmt":"2022-02-21T15:43:55","slug":"afds-oauth-documentation","status":"publish","type":"post","link":"https:\/\/solidt.eu\/site\/afds-oauth-documentation\/","title":{"rendered":"AFDS \/ OAUTH documentation"},"content":{"rendered":"\n

https:\/\/docs.microsoft.com\/nl-nl\/azure\/active-directory\/develop\/v1-protocols-oauth-code<\/a><\/p>\n\n\n\n

\"Stroom<\/figure>\n\n\n\n

Request Code<\/p>\n\n\n\n

https:\/\/login.microsoftonline.com\/{tenant}\/oauth2\/authorize?\nclient_id=6731de76-14a6-49ae-97bc-6eba6914391e\n&response_type=code\n&redirect_uri=http%3A%2F%2Flocalhost%3A12345\n&response_mode=query\n&resource=https%3A%2F%2Fservice.contoso.com%2F\n&state=12345\n# Company url\nhttps:\/\/company.com\/adfs\/oauth2\/authorize?\nclient_id=6731de76-14a6-49ae-97bc-6eba6914391e\n&response_type=code\n&redirect_uri=http%3A%2F%2Flocalhost%3A12345\n&response_mode=query\n&resource=https%3A%2F%2Fservice.contoso.com%2F\n&state=12345<\/pre>\n\n\n\n
Response: Redirect (in Location Header) with code<\/p>\n\n\n\n
GET  HTTP\/1.1 302 Found\nLocation: http:\/\/localhost:12345\/?code= AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrqqf_ZT_p5uEAEJJ_nZ3UmphWygRNy2C3jJ239gV_DBnZ2syeg95Ki-374WHUP-i3yIhv5i-7KU2CEoPXwURQp6IVYMw-DjAOzn7C3JCu5wpngXmbZKtJdWmiBzHpcO2aICJPu1KvJrDLDP20chJBXzVYJtkfjviLNNW7l7Y3ydcHDsBRKZc3GuMQanmcghXPyoDg41g8XbwPudVh7uCmUponBQpIhbuffFP_tbV8SNzsPoFz9CLpBCZagJVXeqWoYMPe2dSsPiLO9Alf_YIe5zpi-zY4C3aLw5g9at35eZTfNd0gBRpR5ojkMIcZZ6IgAA&session_state=7B29111D-C220-4263-99AB-6F6E135D75EF&state=D79E5777-702E-4260-9A62-37F75FF22CCE<\/pre>\n\n\n\n
Request Token<\/p>\n\n\n\n
\/\/ Line breaks for legibility only\n\nPOST \/{tenant}\/oauth2\/token HTTP\/1.1\nHost: https:\/\/login.microsoftonline.com\nContent-Type: application\/x-www-form-urlencoded\ngrant_type=authorization_code\n&client_id=2d4d11a2-f814-46a7-890a-274a72a7309e\n&code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrqqf_ZT_p5uEAEJJ_nZ3UmphWygRNy2C3jJ239gV_DBnZ2syeg95Ki-374WHUP-i3yIhv5i-7KU2CEoPXwURQp6IVYMw-DjAOzn7C3JCu5wpngXmbZKtJdWmiBzHpcO2aICJPu1KvJrDLDP20chJBXzVYJtkfjviLNNW7l7Y3ydcHDsBRKZc3GuMQanmcghXPyoDg41g8XbwPudVh7uCmUponBQpIhbuffFP_tbV8SNzsPoFz9CLpBCZagJVXeqWoYMPe2dSsPiLO9Alf_YIe5zpi-zY4C3aLw5g9at35eZTfNd0gBRpR5ojkMIcZZ6IgAA\n&redirect_uri=https%3A%2F%2Flocalhost%3A12345\n&resource=https%3A%2F%2Fservice.contoso.com%2F\n&client_secret=p@ssw0rd\n\n\/\/NOTE: client_secret only required for web apps<\/pre>\n\n\n\n
Answer with token<\/p>\n\n\n\n
{\n  \"access_token\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1THdqcHdBSk9NOW4tQSJ9.eyJhdWQiOiJodHRwczovL3NlcnZpY2UuY29udG9zby5jb20vIiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvN2ZlODE0NDctZGE1Ny00Mzg1LWJlY2ItNmRlNTdmMjE0NzdlLyIsImlhdCI6MTM4ODQ0MDg2MywibmJmIjoxMzg4NDQwODYzLCJleHAiOjEzODg0NDQ3NjMsInZlciI6IjEuMCIsInRpZCI6IjdmZTgxNDQ3LWRhNTctNDM4NS1iZWNiLTZkZTU3ZjIxNDc3ZSIsIm9pZCI6IjY4Mzg5YWUyLTYyZmEtNGIxOC05MWZlLTUzZGQxMDlkNzRmNSIsInVwbiI6ImZyYW5rbUBjb250b3NvLmNvbSIsInVuaXF1ZV9uYW1lIjoiZnJhbmttQGNvbnRvc28uY29tIiwic3ViIjoiZGVOcUlqOUlPRTlQV0pXYkhzZnRYdDJFYWJQVmwwQ2o4UUFtZWZSTFY5OCIsImZhbWlseV9uYW1lIjoiTWlsbGVyIiwiZ2l2ZW5fbmFtZSI6IkZyYW5rIiwiYXBwaWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctODkwYS0yNzRhNzJhNzMwOWUiLCJhcHBpZGFjciI6IjAiLCJzY3AiOiJ1c2VyX2ltcGVyc29uYXRpb24iLCJhY3IiOiIxIn0.JZw8jC0gptZxVC-7l5sFkdnJgP3_tRjeQEPgUn28XctVe3QqmheLZw7QVZDPCyGycDWBaqy7FLpSekET_BftDkewRhyHk9FW_KeEz0ch2c3i08NGNDbr6XYGVayNuSesYk5Aw_p3ICRlUV1bqEwk-Jkzs9EEkQg4hbefqJS6yS1HoV_2EsEhpd_wCQpxK89WPs3hLYZETRJtG5kvCCEOvSHXmDE6eTHGTnEgsIk--UlPe275Dvou4gEAwLofhLDQbMSjnlV5VLsjimNBVcSRFShoxmQwBJR_b2011Y5IuD6St5zPnzruBbZYkGNurQK63TJPWmRd3mbJsGM0mf3CUQ\",\n  \"token_type\": \"Bearer\",\n  \"expires_in\": \"3600\",\n  \"expires_on\": \"1388444763\",\n  \"resource\": \"https:\/\/service.contoso.com\/\",\n  \"refresh_token\": \"AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4rTfgV29ghDOHRc2B-C_hHeJaJICqjZ3mY2b_YNqmf9SoAylD1PycGCB90xzZeEDg6oBzOIPfYsbDWNf621pKo2Q3GGTHYlmNfwoc-OlrxK69hkha2CF12azM_NYhgO668yfcUl4VBbiSHZyd1NVZG5QTIOcbObu3qnLutbpadZGAxqjIbMkQ2bQS09fTrjMBtDE3D6kSMIodpCecoANon9b0LATkpitimVCrl-NyfN3oyG4ZCWu18M9-vEou4Sq-1oMDzExgAf61noxzkNiaTecM-Ve5cq6wHqYQjfV9DOz4lbceuYCAA\",\n  \"scope\": \"https%3A%2F%2Fgraph.microsoft.com%2Fmail.read\",\n  \"id_token\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctODkwYS0yNzRhNzJhNzMwOWUiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC83ZmU4MTQ0Ny1kYTU3LTQzODUtYmVjYi02ZGU1N2YyMTQ3N2UvIiwiaWF0IjoxMzg4NDQwODYzLCJuYmYiOjEzODg0NDA4NjMsImV4cCI6MTM4ODQ0NDc2MywidmVyIjoiMS4wIiwidGlkIjoiN2ZlODE0NDctZGE1Ny00Mzg1LWJlY2ItNmRlNTdmMjE0NzdlIiwib2lkIjoiNjgzODlhZTItNjJmYS00YjE4LTkxZmUtNTNkZDEwOWQ3NGY1IiwidXBuIjoiZnJhbmttQGNvbnRvc28uY29tIiwidW5pcXVlX25hbWUiOiJmcmFua21AY29udG9zby5jb20iLCJzdWIiOiJKV3ZZZENXUGhobHBTMVpzZjd5WVV4U2hVd3RVbTV5elBtd18talgzZkhZIiwiZmFtaWx5X25hbWUiOiJNaWxsZXIiLCJnaXZlbl9uYW1lIjoiRnJhbmsifQ.\"\n}<\/pre>\n\n\n\n
\"Diagram<\/figure>\n\n\n\n
https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/ad-fs\/development\/ad-fs-openid-connect-oauth-concepts<\/a><\/p>\n\n\n\n
AD FS Endpoints<\/h2>\n\n\n\n
AD FS Endpoint<\/th>Description<\/th><\/tr><\/thead>
\/authorize<\/td>AD FS returns an authorization code that can be used to obtain the access token<\/td><\/tr>
\/token<\/td>AD FS returns an access token that can be used to access the resource (Web API)<\/td><\/tr>
\/userinfo<\/td>AD FS returns claims about the authenticated user<\/td><\/tr>
\/devicecode<\/td>AD FS returns the device code and user code<\/td><\/tr>
\/logout<\/td>AD FS logs out the user<\/td><\/tr>
\/keys<\/td>AD FS public keys used to sign responses<\/td><\/tr>
\/.well-known\/openid-configuration<\/td>AD FS returns OAuth\/OpenID Connect metadata
https:\/\/ldapwiki.com\/wiki\/Openid-configuration<\/a><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\"API<\/figure>\n","protected":false},"excerpt":{"rendered":"
https:\/\/docs.microsoft.com\/nl-nl\/azure\/active-directory\/develop\/v1-protocols-oauth-code Request Code Response: Redirect (in Location Header) with code Request Token Answer with token https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/ad-fs\/development\/ad-fs-openid-connect-oauth-concepts AD FS Endpoints AD FS Endpoint Description \/authorize AD FS returns an authorization code that can be used to obtain the access token \/token AD FS returns an access token that can be used to access the resource (Web […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-1926","post","type-post","status-publish","format-standard","hentry","category-dotnet"],"_links":{"self":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/comments?post=1926"}],"version-history":[{"count":5,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1926\/revisions"}],"predecessor-version":[{"id":6040,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1926\/revisions\/6040"}],"wp:attachment":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/media?parent=1926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/categories?post=1926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/tags?post=1926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}