Permissions and Consent Framework

Intermediate
Developer
Microsoft 365
Azure Active Directory

The Microsoft identity platform implements the OAuth 2.0 authorization protocol. This protocol is a method that a third-party app can access web-hosted resources on behalf of a user. The web-hosted resources can define a set of permissions that can be used to implement functionality in smaller chucks. Developers can leverage one of two types of permissions supported by the Microsoft identity platform depending on the app scenario. In this module, you’ll learn the different types of permissions and consent framework models for obtaining permissions from users to use them in apps.

At the end of this module, you should be able to:

  • Compare and contrast different permission types supported by the Microsoft identity platform
  • Compare and contrast the difference between static and dynamic consent in user permissions
  • Create an app that implements dynamic consent for incrementally obtaining permissions as needed from users

Prerequisites

  • Basic knowledge of OAuth authentication flows and terminologies
  • Ability to develop with ASP.NET Core at the intermediate level
  • Ability to develop with JavaScript or TypeScript at the intermediate level
  • Experience using Visual Studio Code at the beginner level
  • Access to a Microsoft 365 tenant