Azure Ad redirect Auth on FrontEnd via API

Question

If a frontend[Android App] hit a web API[spring boot] for sign in request and that request it invokes the Azure AD auth controller on that API which open the redirect url on browser for login, how to redirect/open a credential page on the front end [Mobile App] for login in response of this request.

Answer 1

@SharmaAyushNokiaINGurgaon-5163, Ideal process is that:

1. First, a search is initiated in the internal application cache to check if there is an existing token (refresh-token) available that can be used. If its present, the MSAL4J goes ahead with that old token and silently gets a new token (access-token).
2. If an old token is not found (in case of a fresh login by the user), MSAL4J goes ahead with the interactive login step where it provides a pop-up/redirect with the https://login.microsoftonline.com/common/oauth2/v2.0/authorize? endpoint which is responsible for asking the user to interactively enter the username and password.

You can refer to the following doc and the sample for better understanding: https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-java-webapp

You can check the following docs for more information:

• https://github.com/Azure-Samples/ms-identity-java-webapp/tree/master/spring-security-web-app
• https://github.com/AzureAD/azure-activedirectory-library-for-java/wiki
• Details for MSAL4J: https://github.com/AzureAD/microsoft-authentication-library-for-java

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.