6/16/2023 0 Comments Authenticator msThe contents of the token are intended only for the API, which means that access tokens must be treated as opaque strings. These proprietary formats that can't be validated might be encrypted tokens, JWTs, or special JWT-like. Microsoft-developed APIs like Microsoft Graph or APIs in Azure have other proprietary token formats. The format of the access token can depend on the configuration of the API that accepts it.Ĭustom APIs registered by developers on the Microsoft identity platform can choose from two different formats of JSON Web Tokens (JWTs) called v1.0 and v2.0. ![]() Some identity providers (IDPs) use GUIDs and others use encrypted blobs. Per the OAuth specification, access tokens are opaque strings without a set format. ![]() Web APIs use access tokens to perform authentication and authorization. Access tokens enable clients to securely call protected web APIs.
0 Comments
Leave a Reply. |