0

I'm now working with the Azure AD authentication through this two samples, and it's all worked fine:

But is there any way to authenticate Azure AD with restful API like below?

POST https://loginmicrosoft/XXXXXX
Body 
{
    "username":"YOURACCOUNT",
    "password":"YOURPASSWORD"
}

The Reason I want to use this way is because we have our own login page and want to integrate with Azure AD.

Improve this question

1 Answer 1

Reset to default
1

Yes you can. It's called using the resource owner password credentials grant in OAuth 2.0. However, it's no longer a valid flow as of OAuth 2.1 and Microsoft recommends you don't use it. See their documentation here: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc

OAuth 2.1 consolidates the changes published in later specs to simplify the core document.

The major differences from OAuth 2.0 are listed below.

  • PKCE is required for all OAuth clients using the authorization code flow
  • Redirect URIs must be compared using exact string matching The Implicit grant (response_type=token) is omitted from this specification
  • The Resource Owner Password Credentials grant is omitted from this specification
  • Bearer token usage omits the use of bearer tokens in the query string of URIs
  • Refresh tokens for public clients must either be sender-constrained or one-time use

If you have your own login page, why not do a redirect or host your login page on Azure AD?

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for the answer! "If you have your own login page, why not do a redirect or host your login page on Azure AD?", because our login page was also designed in OAuth 2.0 flow, so we just wondering how we can integrate our login method with Azure AD but not redirect to the Azure AD login page.
BTW, cause our accounts are under a organization(Company), can we also use the ROPC flow?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.