-
Notifications
You must be signed in to change notification settings - Fork 94
Acquiring tokens with authorization codes
The Authorization Code flow is suitable when the application requires the user's interaction with the Azure AD STS during authentication. One such case is when users login to Web applications (web sites) using Open Id connect. The web application receives an authorization code which it can redeem to acquire a token for Web APIs.
Requests for the authorization codes are delegated to the developer. To understand how to request an authorization code, see Authorization code flow.
Upon receiving an authorization code, the acquire_token_with_authorization_code method can be called to request a token. To see how to integrate the Authentication code flow into a web application, see this Python web application sample
The acquire_token_with_authorization_code method can be used for both confidential and public clients.The sample mentioned above uses this method to acquire a token for a confidential client. For a public client, you would not need a client secret as client secrets cannot be reliably stored on devices.