Azure Active Directory (Azure AD) for Developers

Welcome to the developer documentation for Azure Active Directory (Azure AD). This section provides comprehensive guidance on integrating your applications with Azure AD for secure authentication and authorization.

Key Concepts

Azure AD is a cloud-based identity and access management service that helps you manage users, groups, and applications, and secure access to your resources. For developers, it offers robust capabilities to:

Authenticate users: Verify the identity of users signing into your applications.
Authorize access: Control what authenticated users can do within your applications and access to your APIs.
Obtain access tokens: Securely call protected web APIs on behalf of users.

Getting Started

The journey begins with understanding the core concepts and flows that power Azure AD. We recommend starting with:

Introduction to Azure AD for Developers to get a high-level overview.
Authentication Flows to understand how users sign in and how your app obtains tokens.

Core Components for Developers

As a developer, you'll interact with several key components within Azure AD:

App Registration

Before your application can use Azure AD, it needs to be registered in your Azure AD tenant. This process provides your application with a unique identifier (Client ID) and allows you to configure its properties, such as redirect URIs and API permissions.

Learn more about App Registration.

Authentication Flows

Azure AD supports various authentication flows tailored to different application types and scenarios, including:

Authorization Code Flow: Ideal for web applications and single-page applications (SPAs) where a client secret can be securely stored or where user interaction is possible.
Client Credentials Flow: Used for service-to-service communication where an application needs to access resources without a user present.
On-Behalf-Of Flow: Enables a service to act on behalf of a user, passing the original user's identity and permissions to a downstream service.

Explore the details of Authentication Flows.

Tokens

Azure AD issues security tokens (ID tokens and Access tokens) that are used for authentication and authorization. Understanding the structure and validation of these tokens is crucial for secure application development.

Delve into Token Concepts.

Microsoft Graph API

The Microsoft Graph API is the gateway to data and intelligence in Microsoft 365. You can use it to access Azure AD data, such as users, groups, and application registrations, programmatically.

Discover the power of the Microsoft Graph API.

Important Note

Always use the latest versions of Azure AD libraries and SDKs to ensure you benefit from the latest security features and best practices.

Developer Tip

Leverage the sample applications provided to quickly understand how to implement common scenarios, such as user sign-in and calling protected APIs.

Sample Applications are available for various platforms.