It does not describe the use of the 'azure service' but basically what it does is that initially webgme asks for a simple id token, then tries to fetch an access token. With Microsoft, access tokens are used to reach other services as the user and query certain things. This access token is the one that we store among the cookies and reuse it, which does not really matter as the library that microsoft provides uses a memory based cache for the users anyways...
This feature implements authentication of azure users (and the necessary implicit creation of webgme users to manage project authorizations). Find a short documentation here: https://github.com/webgme/webgme/wiki/Using-Azure-Active-Directory
It does not describe the use of the 'azure service' but basically what it does is that initially webgme asks for a simple id token, then tries to fetch an access token. With Microsoft, access tokens are used to reach other services as the user and query certain things. This access token is the one that we store among the cookies and reuse it, which does not really matter as the library that microsoft provides uses a memory based cache for the users anyways...