The Microsoft identity platform implements the OAuth 2.0 authorization protocol. This protocol is a method that a third-party app can access web-hosted resources on behalf of a user. The web-hosted resources can define a set of permissions that can be used to implement functionality in smaller chucks. Developers can leverage one of two types of permissions supported by the Microsoft identity platform depending on the app scenario. In this module, you’ll learn the different types of permissions and consent framework models for obtaining permissions from users to use them in apps.
At the end of this module, you should be able to:
- Compare and contrast different permission types supported by the Microsoft identity platform
- Compare and contrast the difference between static and dynamic consent in user permissions
- Create an app that implements dynamic consent for incrementally obtaining permissions as needed from users