2.2.3.4 use_windows_client_authentication
-
POST /token HTTP/1.1 Host: server.example.com Content-Type: application/x-www-form-urlencoded grant_type={grant_type}&client_id={client_id}&code={code}&redirect_uri={redirect_uri}&use_windows_client_authentication={use_windows_client_authentication}
OPTIONAL
The use_windows_client_authentication parameter is optional, and can be specified by the client role of the OAuth 2.0 Protocol Extensions in the POST body when making a request to the token endpoint (section 3.2.5.2). The client provides a value of "true" for the use_windows_client_authentication parameter to indicate that it will authenticate via the HTTP Negotiate Authentication Scheme described in [RFC4559].
The AD FS server ignores this parameter unless its ad_fs_behavior_level is AD_FS_BEHAVIOR_LEVEL_2 or higher.
For an example of the use_windows_client_authentication parameter being used, see section 4.8.
The format for the use_windows_client_authentication parameter is as follows.
-
String = *(%x20-7E) use_windows_client_authentication = String