16. Azure AD
Browser Web AppOAuth-
authorize
OAuth-
token
graph
Navigate to your application
Post authN token and authZ code to your application’s redirect URL
No session,
send authN
request
Verify
token
signature
302 redirect for sign in
OpenID Connect request
(user signs in)
Set cookie and return user to page they started on
Redeem authZ code
Return access token and refresh token
Call the Graph API
OpenID Connect ログオンフロー