After fighting to get some tutorial examples from 9781484250396 working, I learned that most of the examples required that I check the ID tokens feature for Implicit grant flow.
The text on the port.azure.com on the page for registering an AAD webapp and configuring the authentication says this under "Implicit Grant":
Is this correct? It sounds wrong where it says that ID Token is needed for ASP.NET Core Web Apps! I was hoping the Microsoft Examples of WebAps for .NET Core 3 would not require me to use the ID Token. If this is correct, it sounds like the only salvation is to use the latest version of MSAL.js instead of C# for all authentication.
What about .NET Framework? Do WebApps written in .NET Framework require ID Token?