dotnet / AspNetCore.Docs

Documentation for ASP.NET Core
https://docs.microsoft.com/aspnet/core
Creative Commons Attribution 4.0 International

App Registrations config is missing detail #30974

Open alansingfield opened 10 months ago

alansingfield commented 10 months ago

Description

It was unclear what configuration settings to use within the Azure App Registration for the Platform Configurations.

I was able to get this to work using:

- Web Redirect URL https://localhost:1234/signin-microsoft
- Access tokens - OFF
- ID tokens - ON
- Allow public client flows - OFF

However I'm not convinced that these are the correct (most secure) settings, please help!

Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins?view=aspnetcore-8.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authentication/social/microsoft-logins.md

Document ID

ce69b990-0b4c-abda-cd2d-68f85cd8031e

Article author

Rick-Anderson

Rick-Anderson commented 10 months ago

- Redirect URL https://localhost:1234/signin-microsoft
- Access tokens - OFF
- ID tokens - ON
- Allow public client flows - OFF

- Redirect URL: Correct
- Access Tokens: Access tokens are typically required if your app needs to access Microsoft APIs on behalf of the user after authentication. So for this sample, OFF is correct.
- ID Tokens: ID tokens contain information about the authenticated user and are commonly used for user authentication purposes. So ON is correct.
- Allow Public Client Flows: Public client flows are typically used for native and single-page applications where client secrets can't be securely stored. So for this sample, OFF is correct.

@blowdart will correct me if I'm wrong. I should update the doc with this information.
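An added example, not part of the thread or of the ASP.NET Core docs: a small audit that checks an exported app registration (the JSON printed by `az ad app show --id <app-id>`) against the four settings discussed above. It assumes the portal toggles correspond to the Microsoft Graph application properties named in the code; the `audit` helper and both sample registrations are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Portal toggles from the thread, mapped to Microsoft Graph application
# properties (assumed mapping) and the value the thread settled on.
EXPECTED = {
    "Access tokens": (("web", "implicitGrantSettings", "enableAccessTokenIssuance"), False),
    "ID tokens": (("web", "implicitGrantSettings", "enableIdTokenIssuance"), True),
    "Allow public client flows": (("isFallbackPublicClient",), False),
}

def _get(obj, path):
    for key in path:
        obj = (obj or {}).get(key)
    return obj

def audit(app, callback_path="/signin-microsoft"):
    """Return a list of findings; an empty list means the registration matches."""
    findings = []
    for label, (path, want) in EXPECTED.items():
        got = bool(_get(app, path))  # an unset (null) flag is treated as OFF
        if got != want:
            findings.append(f"{label}: expected {'ON' if want else 'OFF'}, "
                            f"found {'ON' if got else 'OFF'}")
    uris = _get(app, ("web", "redirectUris")) or []
    if not any(urlsplit(u).path == callback_path for u in uris):
        findings.append(f"no Web redirect URI ends in {callback_path}")
    for u in uris:
        parts = urlsplit(u)
        # Plain HTTP is tolerated only for loopback development hosts.
        if parts.scheme != "https" and parts.hostname not in ("localhost", "127.0.0.1"):
            findings.append(f"redirect URI is not HTTPS: {u}")
        if "*" in u:
            findings.append(f"redirect URI contains a wildcard: {u}")
    return findings

# Constructed sample registrations (not real tenant data).
GOOD = json.loads("""{"isFallbackPublicClient": null, "web": {
  "redirectUris": ["https://localhost:1234/signin-microsoft"],
  "implicitGrantSettings": {"enableAccessTokenIssuance": false,
                            "enableIdTokenIssuance": true}}}""")
DRIFTED = json.loads("""{"isFallbackPublicClient": true, "web": {
  "redirectUris": ["http://app.example.com/signin-microsoft"],
  "implicitGrantSettings": {"enableAccessTokenIssuance": true,
                            "enableIdTokenIssuance": true}}}""")

if __name__ == "__main__":
    for name, app in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(name, audit(app) or "matches the settings from the thread")
```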

Rick-Anderson commented 10 months ago

@alansingfield did you know of an Azure Learn page that should also be updated? What article did you follow?

alansingfield commented 9 months ago

Sorry, I thought that was already in the issue, it's https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins?view=aspnetcore-8.0