Microsoft Entra ID | Azure Active Directory Token Type | id_token | Access Token | Refresh_Token

#AzureActiveDirectory #AzureADTokenType #AuthenticationToken #TokenType #Token
Azure Active Directory Authentication Token
id_token
Access Token
Refresh Token

How to use Postman to request token?

The script below requests a new access token and refresh token using the current refresh token that you captured from Postman.
Also make sure you have replaced the values of the client ID and client secret with those of your directory application.
From a permission perspective, make sure you have granted the application permission to access user data in the API permissions section of the application object in Azure AD.

How application works in Azure AD?
============================================
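# SCRIPT BEGINS FROM HERE #
Write-Host "Script to request new access token and refresh token from refresh token"
$tenant = Read-Host 'Enter your Tenant Name'
Write-Host "Tenant name you entered is $tenant"

Write-Host "Enter the value you have copied from Postman"
$refresh_token = Read-Host 'Enter your refresh token'

# Build the tenant-specific endpoints. The original description never assigns
# these variables; the v2.0 endpoints are assumed here.
$authendpoint  = "https://login.microsoftonline.com/$tenant/oauth2/v2.0/authorize"
$tokenendpoint = "https://login.microsoftonline.com/$tenant/oauth2/v2.0/token"

Write-Host "Authorize endpoint of your tenant is $authendpoint"
Write-Host "Token endpoint of your tenant is $tokenendpoint"

# Replace client_id and client_secret with the values of your own application.
$Body = @{
    client_id     = "9a21d7a5-a500-4ee9-8ea27325c24"
    client_secret = "TrHSZaO53-wwNV__Ff"
    grant_type    = "refresh_token"
    tenant        = "$tenant"
    refresh_token = $refresh_token
}

# POST the form-encoded body; the response holds the new access token and refresh token.
$token = Invoke-RestMethod -Uri $tokenendpoint -Body $Body -Method Post
$token

#SCRIPT ENDS#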
=============================================

Regards,
ConceptsWork
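
Added example (not part of the original description or the channel's script): a PowerShell helper that decodes the claims of the id_token and access_token in a token response such as `$token`, so you can check audience, scopes and expiry. It only inspects the payload and does not verify the signature; the function names and the sample response are constructed for illustration.

```powershell
# Added example: inspect the JWTs in a token response. This only decodes the
# payload; it does NOT verify the signature, so it is not token validation.

function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    # base64url -> base64: swap the URL-safe characters, then restore padding
    $b64 = $Value.Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        1 { throw 'Invalid base64url length' }
        2 { $b64 += '==' }
        3 { $b64 += '=' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64))
}

function ConvertTo-Base64Url {
    # Used only to build the constructed sample below
    param([Parameter(Mandatory)][string]$Text)
    $b64 = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text))
    $b64.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}

function Get-TokenSummary {
    param([Parameter(Mandatory)]$TokenResponse)
    foreach ($name in 'id_token', 'access_token') {
        $jwt = $TokenResponse.$name
        if (-not $jwt) { continue }
        $parts = $jwt.Split('.')
        if ($parts.Count -ne 3) { throw "$name is not a header.payload.signature JWT" }
        $claims = ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
        $exp = [DateTimeOffset]::FromUnixTimeSeconds([long]$claims.exp).UtcDateTime
        [pscustomobject]@{ Token = $name; Format = 'JWT'; Audience = $claims.aud
                           Scopes = $claims.scp; ExpiresUtc = $exp }
    }
    # The refresh token is opaque to the client: report it, never try to parse it
    if ($TokenResponse.refresh_token) {
        [pscustomobject]@{ Token = 'refresh_token'; Format = 'opaque'; Audience = $null
                           Scopes = $null; ExpiresUtc = $null }
    }
}

# Constructed sample response (not a real token); with the script above, pass $token instead
$header  = ConvertTo-Base64Url '{"typ":"JWT","alg":"RS256"}'
$payload = ConvertTo-Base64Url '{"aud":"api://constructed-app","scp":"User.Read","exp":1767225600}'
$sample  = [pscustomobject]@{
    access_token  = "$header.$payload.sig"
    refresh_token = 'constructed-opaque-value'
}
Get-TokenSummary $sample | Format-Table
```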
Comments

This episode alone deserves to be your subscriber. The way you have explained it has answered my 3-year-old questions.

BindasBadshah

10/10!
This is a great example and explanation of grant types!

petervangage

7+ years of Outlook stalking solved under 15 minutes. Love you! You deserve lots of money and good loving. Wishing you the best!

rosedev

Great, bro. Thanks a lot for the realistic videos.

MrKIRAN

Thanks for the great demo. I just had one question. I have a single-page app or a native app and a backend API (Django REST), completely independent of each other. In my case, my single-page app/native app wants to access certain data from the backend API, and in order to access the API, the user should be logged in to the backend API.

So my approach is to make use of the MSAL library to get the access token from the SPA/native app and then, once the token is acquired, pass that token to the backend API, validate it, and get the user info from the Graph API. If the user exists in the DB, log the user in and pass the required info. If the user info doesn't exist, then create the user, log in and pass the info from the API.

So my question is: when I pass the access token to the backend API, how can we validate whether the token which we passed to the backend API is a valid token or not?

Is it just that we need to make an API call to the Graph API? If it is able to get the user data then the token is valid, or if it fails then the token is invalid.

Is it the general way to validate the token, or is there some better approach? Please help.

aashayamballi

Hello conceptworks,

Very good explanation of tokens. I just have a question:
What is the default expiration for an access token from Entra ID connect?
What is the difference between a refresh token and a Primary Refresh Token (PRT)?

Best regards,

Sergio-Here-In-Community

Useful video, but I couldn't understand the refresh token and how it can be revoked.

How will the token lifetime policy impact the flow?

If we have sign-in frequency under a conditional access policy, will the access token expire at the sign-in frequency?

harshrajpal

This video must be included in MS documentation.

anastaskostov

Thanks for the you please let me know ...how to ignore session_state while sending it token endpoint

tushaar

Is a refresh token application-specific or user-specific? Can a refresh token be used to request an access token for a different application?

listentomusic

Hi, it was very informative. I have one doubt though. In my case I want to run some thread in the background just to sync users' data in our system, and as we know the access token expires in an hour and then we can use the refresh token to get a new access token. Let me know how I can make sure that my refresh token never expires so that I can always grab a new access token.

gauravtripathi

Can this token be compromised? I know it is Base64 encoded. However, can it still be tampered with if it travels down the wire? Is there any other security provisioned for this token on top of Base64, or is Base64 enough?

matthayden

Can we get the refresh token in the initial request itself via PowerShell instead of Postman? Please advise on this.

Nachibros

How to encrypt the id token in Azure AD/Entra?

niharr

How to generate an authorization code? Also, can you please explain how I can use the access token in the header instead of the authorization token?

dipakbachhav

What if we use SAML instead of OpenID?

andreas

Hello Sir, please make a video on Exchange Hybrid mail flow

MoviesInAminute.

Can you demo how to configure Azure AD tokens with Nginx? Would be helpful.

karthick

Great video. I want a small help: is it possible to add the payload in the refresh token also, like expiration time and all?

dhirajpoojary

Hello, if I want to write an app that retrieves new mail in a mailbox without user interaction, will an application-only token work in this case?

MaximilianoAnfuso