Great video! Though I was wondering, I can't really figure out how to access the code that gets sent after step 3, where exactly is it saved and how can you use it for step 4?
Thank for knowledge. I have to follow Authorization flow even I have the username and password in background but In my web application I don't want to show pop up of microsoft login. So how I can access token by passing username and password with itself in Authorization code request i.e. single call.only
Microsoft graph portal is used to access information directly once the access is approved, where postman is tool that you can access to test your applications privelages. For example if your app vendor contacts you for clientid and client secret and lets you know about the specifc permission they need, you can test your app(ClientID), privelage from POSTMAN before giving the details to your app vendor.
Hey there the structured "POST request to token endpoint" has incorrect endpoint I guess. It has to be to token? Rather than authorize?? Please check and correct me if I am wrong
Thanks Somya, Much appreciated. Yes, you are absolutely right, at - 6:23 the text shown in the request should be at token endpoint, whereas while showing with postman at 11:33, it was in place.
Hello Concepts ji, how can I get a token on behalf of a user if they are already logged into their machine? Meaning they are using an app that needs authentication and token to access the api. So I was told to just use the user's email but where would I put that in the flow to get a token for them?
Is the postman only restricted to test Authorization Code Flow or we can check other work flow as well. In your previous video you had mentioned Generic flow of Oauth, is that same as Authorization Code Flow.
Thanks Video, it is helpful. my first question is that the code for end point of token is the code from a property "Code" of a class "'Microsoft.Owin.Security.Notifications.AuthorizationCodeReceivedNotification" thanks Jean
Yes, you can implement his with multi-tenant applications. As of now there are very limited set of api's available, please check the link docs.microsoft.com/en-us/graph/dynamics-business-central-concept-overview
Redirect URI is optional "" After completing its interaction with the resource owner, the authorization server directs the resource owner's user-agent back to the client. The authorization server redirects the user-agent to the client's redirection endpoint previously established with the authorization server during the client registration process or when making the authorization request.
ua-cam.com/video/AvNc1p2HywI/v-deo.html 6:25, is Authorize and Token endpoint the same, when i see for my tenant as you showed from azure portal i see those two are different. Thanks for your clarification. Good video.
One of the best video in youtube for OAuth Authorization code flow test using Postman.
Very Nice and Methodical explanation. Great work with all the videos!
Glad you like them!
Thanks for the simplified understanding. Must recommendation for anyone developing oauth 2.0 supported logins!
Good tips man. Please share more workflow related videos :)
Man you really helped me. I am trying to do this for past 2 days
Nice explanation
Great video!
Though I was wondering, I can't really figure out how to access the code that gets sent after step 3, where exactly is it saved and how can you use it for step 4?
I like so much you videos!!!
thank you! you are the best!
Glad it helped!
I would like to how multitenant SSO work. How can i achieve it. How to get the help related.
Nice video, good explanation, I have a question, can I implement OAuth2 authorization with code flow to call an API from another API?
Thank for knowledge. I have to follow Authorization flow even I have the username and password in background but In my web application I don't want to show pop up of microsoft login. So how I can access token by passing username and password with itself in Authorization code request i.e. single call.only
Very useful information and demo!
Really useful, thanks
Glad to hear that!
Good Video, What is benefits to use postman instead of Microsoft Graph, ?
Microsoft graph portal is used to access information directly once the access is approved, where postman is tool that you can access to test your applications privelages.
For example if your app vendor contacts you for clientid and client secret and lets you know about the specifc permission they need, you can test your app(ClientID), privelage from POSTMAN before giving the details to your app vendor.
@@ConceptsWork Thanks much clear now.
Hey there the structured "POST request to token endpoint" has incorrect endpoint I guess. It has to be to token? Rather than authorize?? Please check and correct me if I am wrong
Thanks Somya, Much appreciated. Yes, you are absolutely right, at - 6:23 the text shown in the request should be at token endpoint, whereas while showing with postman at 11:33, it was in place.
Hello Concepts ji, how can I get a token on behalf of a user if they are already logged into their machine? Meaning they are using an app that needs authentication and token to access the api. So I was told to just use the user's email but where would I put that in the flow to get a token for them?
Step 4. shouldnt the endpoint end with Token instead of Authorize again?
In Step 3, is that code sent as a redirect as to the client browser?
How this is able to identify against replay detection?
Awesome
Is it possible to automate the login process via Microsoft? I mean can we skip the part to type in username and password ?
Is the postman only restricted to test Authorization Code Flow or we can check other work flow as well.
In your previous video you had mentioned Generic flow of Oauth, is that same as Authorization Code Flow.
No, with postman you can check the other methods as well.
We have posted client credential flow as well.
Thanks Video, it is helpful. my first question is that the code for end point of token is the code from a property "Code" of a class "'Microsoft.Owin.Security.Notifications.AuthorizationCodeReceivedNotification" thanks Jean
HI I want to Join concepts work , however transaction failed , could you please and confirm
Thanks for the video!
Can we do it in multi tenant? If I want to get Dynamics 365 data using Graph API, can I? If yes, then How?
Yes, you can implement his with multi-tenant applications.
As of now there are very limited set of api's available, please check the link
docs.microsoft.com/en-us/graph/dynamics-business-central-concept-overview
Thanks for the video, is it possible to make a token request without having to sign in ?
Please check the video of client credential flow.
Can you please help with the complete PHP code for auth 2.0 Authorization Code Flow?
Hi kartik, I need the same help now but no resources found on internet for php . Can you pls help me .
Pls reply i need it in urgent.
is rediect uri optional or mandatory ?? also can i implement this in oracle soa bpel??
Redirect URI is optional
"" After completing its interaction with the resource owner, the
authorization server directs the resource owner's user-agent back to
the client. The authorization server redirects the user-agent to the
client's redirection endpoint previously established with the
authorization server during the client registration process or when
making the authorization request.
@@ConceptsWork can we give a null value in the redirect uri section while registering a new client ??
May I know the purpose behind mentioning null ?
thanks
Hi, Have you made the video for Enterprise application, if yes kindly provide the link. Thank you!!!
Yes I have
@@ConceptsWork can you please provide the link?
Man, I need to use HTTP request in microsoft flow. I have 403 Forbidden error. Can you show something specific, or not?
please reach out to me at learnconceptswork@gmail.com
Is this series cover total Azure AD?
Most of the components, let me know if you can’t find something, will try to add
@@ConceptsWork Azure Active Directory monitoring section can you explain
how to get new token using refresh-token for grant_type=authorization_code
You have to send post request to token endpoint, with the refresh token.
what is this CLIENT_ID?
The client id is the application id of your azure application that you can find in the azure portal in your application overview.
Once you register the app, you will get Application (client) ID, Directory (tenant) ID
ua-cam.com/video/AvNc1p2HywI/v-deo.html 6:25, is Authorize and Token endpoint the same, when i see for my tenant as you showed from azure portal i see those two are different. Thanks for your clarification. Good video.