expenguin

Reputation: 1124

What is the difference between a Native Application & Server Application when talking about ADFS Application Groups?

I'm new to Federation Services and I'm trying to understand how ADFS works as a whole, and I've started to get down into the details. I followed along with creating an app using OIDC to authenticate a user; however, within the tutorial, they specified using a "Server Application" when setting up an Application Group. This ended up not working for me, so I tried setting up a "Native Application" application group for kicks and was able to successfully log in.

The thing that threw me off is, I ended up hosting ADFS on a server outside of the domain in which I had my application running, so I'm confused as to how that is "native" in terms of ADFS.

I went looking for this answer within Microsoft's documentation, but I didn't find the information very clear.

Native Application:

"Sometimes called a public client, this is intended to be a client app that runs on a pc or device and with which the user interacts."

Server Application:

"A web application that runs on a server and is generally accessible to users via a browser. Because it is capable of maintaining its own client 'secret' or credential, it is sometimes called a confidential client."

This may seem simple to some, but I'm trying to really get a grip on what would be used when. To me it sounds like a native application is used when you're running the application natively on a pc in which the user is also using the same pc, and the server application is run remotely in which the user would not be using the same machine. Is it really that simple or am I misunderstanding?

Upvotes: 3

Views: 3966

Answers (1)

rbrayb

Reputation: 46720

A native application (in Microsoft speak) is something that is not browser based, e.g. mobile. The code runs client side. It may use JavaScript, in which case the secret key is publicly accessible. (The secret key is one of the OAuth parameters.) You use ADAL / MSAL to access it.

A server application runs server side, e.g. a web API. The secret key is not publicly accessible. You use OWIN to access it.

These terms have no relevance to where ADFS is actually installed. Native applications typically are not domain joined.

Upvotes: 4
