Connecting to Orchestrator API-Thrid party apps

I’ve read the documentation about connecting to Orchestrator API and have managed to connect it all via Postman.

I was wondering; if I wanted to build a desktop app, and distribute that app to the users internally on a secure company network, what is the most practical way to handle user authentication and that architecture in general?
Let’s say I want users to authenticate with their windows username and credentials.

If I add my desktop application as a non-confidential inside orchestrator my users would get a login pop up and they would just choose ‘windows’ authentication method and would get authenticated.
Did I got that correct? Provided that the connecting user is added to my AD group of users inside Orchestrator?

Bearer token authentication and NTLM authentication have been deprecated. Use OAuth instead.

Reference: Using OAuth for External Apps

But on the link Using OAuth for External Apps (
you still have descriptions for connecting with bearer token and code challenge or I am missing something?
Ok, if that’s depreciated, what part of the article relates to how would I go and connect my external app to Orchestrator?
Thank you

If you will read the documentation and press on the links it will redirect you to the correct instructions. I already provided the link in the last post.

I am reading it and I don’t understand it.

Where did you stop?
What exactly you are not understanding?