Reputation: 27
Why Allow Implicit Flow option by default checked in app registration at https://apps.dev.microsoft.com
What is the use of "Allow Implicit Flow" option in Microsoft App Regsitration for MSAL.
While adding platform , above option is default checked-in. What happens if uncheck Allow Implicit Flow option.
Upvotes: 0
Views: 800
Answers (1)
Reputation: 1935
What happens if uncheck Allow Implicit Flow option.
If uncheck Allow Implicit Flow option, when you send an OpenID Connect authorization request to get an id_token from the v2.0 endpoint, an unsupported_response error will be returned: The provided value for the input parameter 'response_type' is not allowed for this client. Expected value is 'code'.
In the Application Registration Portal, the Allow Implicit Flow option enables the OpenID Connect hybrid and implicit flows. The hybrid flow enables the app to receive both sign-in info (the id token) and artifacts that the app uses to obtain an access token. The hybrid flow is the default flow used by the OWIN OpenID Connect middleware. For single page apps (SPA), the implicit flow enables the app to receive sign-in info and the access token.
For this, you could also see clearly in the app registration(preview):
For the details, you could refer to here.
Upvotes: 1
Related Questions
- Why is the dropdown Application greyed out in Run user flow?
- Azure AD B2C associate user flow with an app one-to-one
- MS Identity Azure app registered but sends unauthorized_client in implicit flow
- AD B2C test user flow does not allow selection of application registration
- AzureAD - oauth2AllowIdTokenImplicitFlow for app-registrations
- Microsoft Owin Don't want to use implicit flow
- Implicit Flow is not reacting properly in Azure AD
- In Azure Active Directory authentication why is authorisation code flow used
- Azure AD ADAL Implicit flow clarification
- Enable OAuth 2.0 implicit flow capability for the Azure AD application