Should Implicit Flows Be Used When Registering An App In Azure AD?

system · August 8, 2023, 8:07am

Should Implicit Flows be used when registering an app in Azure AD ?

Issue/Query: Should Implicit flows be used when authenticating the app in Azure AD platform ?

Resolution: Note that scenarios that required implicit flow can now use Auth code flow to reduce the risk of compromise associated with implicit flow misuse. Under Authentication for the application in the Azure portal, a platform must be selected for the application and then the Access tokens (used for implicit flows) property can be set.

Consider the following guidance related to implicit flow:

Understand if implicit flow is required. Do not use implicit flow unless explicitly required.
If the application was configured to receive access tokens using implicit flow, but does not actively use them, turn off the setting to protect from misuse.
Use separate applications for valid implicit flow scenarios.

Topic		Replies	Views
Authentication against Microsoft Graph API? Help	3	1683	October 19, 2019
Azure AD integration (SS0) with Automation Cloud Automation Cloud automation_cloud , question	1	857	February 1, 2023
Salesforce SSO Azure AD Authentication Studio studio , question , salesforce	5	1362	May 9, 2022
Follow-up on "UiPath Automation Hub Configuration with Azure AD SSO" Automation Hub question , automation_hub	5	1166	January 16, 2021
Azure AD Authentication for Automation Cloud Automation Cloud	1	1651	February 17, 2021

Should Implicit Flows Be Used When Registering An App In Azure AD?

Should Implicit Flows be used when registering an app in Azure AD ?

Related topics