Reputation: 9318
The differences between authentication protocols and authentication flows
Considering the following documentation, I understand that Azure AD B2C (and Azure AD) support two protocols: OpenID Connect and OAuth 2.0
https://learn.microsoft.com/en-us/azure/active-directory-b2c/protocols-overview
At the same time, AAD and B2C support different authentication flows, such as Authorization Code Flow, Implicit Flow, or Client Credential flow.
What are the differences and connections between authentication protocols and authentication flows?
Upvotes: 0
Views: 161
Answers (1)
Reputation: 46720
Flows are a subset of protocols.
OpenID Connect is built on top of OAuth2. These are protocols.
These protocols contain the flows you mentioned.
AAD also supports the SAML 2.0 and WS-Federation protocols.
B2C also supports the SAML 2.0 protocol.
WS-Federation e.g. supports two flows:
- Passive = browser based
- Active = webapi based i.e. WCF
Upvotes: 2
Related Questions
- Authentication vs Authorization?
- Is OAuth2 Authorization Code flow an authentication protocol?
- Azure B2C - 2 Applications, Different Protocols
- Azure AD B2C authentication
- Define Azure AD B2C vs B2B uses and differences
- Azure AD B2C - Auth code flow vs implicit grant flow based on client types
- Azure AD vs Azure AD B2C for web and mobile apps
- Authentication Scenarios except Azure AD
- Types of authentication in azure?
- What are the exact protocol differences between Azure AD "classic", ADFS "3.0" & B2C