Slides supporting the session deep dive with the Microsoft Graph at Techorama Belgium 2018. Talking about authentication, authorization, integrations with azure functions and the SharePoint Framework.
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
Slides supporting the session at the granite state user group meeting of January 2019. Talking as well about #Azure Active directory and lots of other things
Microsoft Viva Connections - Set up and Extend with SPFxNanddeep Nachan
Viva Connection integration with SharePoint enables a dynamic, engaging, and personalized employee experience for your organization. These innovations power the intelligent workplace, where teams can collaborate and streamline workflows, organizations can engage employees and communicate effectively, and individuals can be more creative and productive with experiences and insights powered by artificial intelligence (AI).
In this session we will dive into setting up Viva connections using SharePoint and integrating with Microsoft Teams.
We will explore how the Developers can extend Microsoft Viva Connections for building engaging experiences with the widely adopted SharePoint Framework (SPFx).
The Cloud. SharePoint Online. Office 365. No doubt you have been inundated with marketing on Microsoft’s cloud vision. Certainly the promised benefits of 99.9% uptime, safeguarded data, and a near maintenance-free environment saving time and money are compelling. However, technical issues such as authentication, migration, integration with legacy systems, and lack of server access may paint a cloudy picture. In this no-nonsense session, we’ll look at Microsoft’s current hosted SharePoint offering and give you the straight, unbiased story. Join us and you’ll also get live demonstrations and the latest forecast on what you can expect in the future.
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
Slides supporting the session at the granite state user group meeting of January 2019. Talking as well about #Azure Active directory and lots of other things
Microsoft Viva Connections - Set up and Extend with SPFxNanddeep Nachan
Viva Connection integration with SharePoint enables a dynamic, engaging, and personalized employee experience for your organization. These innovations power the intelligent workplace, where teams can collaborate and streamline workflows, organizations can engage employees and communicate effectively, and individuals can be more creative and productive with experiences and insights powered by artificial intelligence (AI).
In this session we will dive into setting up Viva connections using SharePoint and integrating with Microsoft Teams.
We will explore how the Developers can extend Microsoft Viva Connections for building engaging experiences with the widely adopted SharePoint Framework (SPFx).
The Cloud. SharePoint Online. Office 365. No doubt you have been inundated with marketing on Microsoft’s cloud vision. Certainly the promised benefits of 99.9% uptime, safeguarded data, and a near maintenance-free environment saving time and money are compelling. However, technical issues such as authentication, migration, integration with legacy systems, and lack of server access may paint a cloudy picture. In this no-nonsense session, we’ll look at Microsoft’s current hosted SharePoint offering and give you the straight, unbiased story. Join us and you’ll also get live demonstrations and the latest forecast on what you can expect in the future.
Presented by Nguyen Hoang Nhut, this presentation covers the approach for migrating Lotus Notes application databases to SharePoint 2007, methodology, process and tools.
Sharepoint and office 365 hybrid configuration from A to Z #spstoronto 2015Nicolas Georgeault
Slideck of our session with @Ju_stro.
Full step by step demo of #SharePoint and #Office365 Hybrid setup from domain registration to Hybrid Picker scenarios.
Building SharePoint 2016 Hybrid the right wayBrian Culver
Let’s build a SharePoint 2016 Hybrid farm following best practices on Azure in real time. During the build process we will discuss how the new features in 2016 affect the farm architecture and what new features need to be configured. We will also configure the farm to enable a hybrid farm with Office365. Following the session, the attendees will receive all scripts used during the demos.
Attendee Takeaways:
1. Tips and shortcuts to how to build a SharePoint 2016 farm.
2. Learn about many of the new SharePoint 2016 features.
3. Learn how to enable hybrid scenarios between On-premise SharePoint 2016 and Office 365.
Presented at Houston TechFest 2016
Understanding SharePoint Apps, authentication and authorization infrastructur...SPC Adriatics
This session will teach you everything that you need to know in order to understand SharePoint Apps, authentication and authorization. Learn about the different type of Apps, the underlying Apps architecture and how to configure an on-premises environment to support Apps. Also you will learn about the different authentications options available for integrating apps, devices, and applications for on-prem scenarios, in the cloud and hybrid.
The presentation will give people an overall picture of Lotus Notes transition to Office 365. It's not just a "getting started" guidance but also a handbook for those who are planning for Microsoft Cloud transformation.
Presented by Nguyen Hoang Nhut, this presentation covers the approach for migrating Lotus Notes application databases to SharePoint 2007, methodology, process and tools.
Sharepoint and office 365 hybrid configuration from A to Z #spstoronto 2015Nicolas Georgeault
Slideck of our session with @Ju_stro.
Full step by step demo of #SharePoint and #Office365 Hybrid setup from domain registration to Hybrid Picker scenarios.
Building SharePoint 2016 Hybrid the right wayBrian Culver
Let’s build a SharePoint 2016 Hybrid farm following best practices on Azure in real time. During the build process we will discuss how the new features in 2016 affect the farm architecture and what new features need to be configured. We will also configure the farm to enable a hybrid farm with Office365. Following the session, the attendees will receive all scripts used during the demos.
Attendee Takeaways:
1. Tips and shortcuts to how to build a SharePoint 2016 farm.
2. Learn about many of the new SharePoint 2016 features.
3. Learn how to enable hybrid scenarios between On-premise SharePoint 2016 and Office 365.
Presented at Houston TechFest 2016
Understanding SharePoint Apps, authentication and authorization infrastructur...SPC Adriatics
This session will teach you everything that you need to know in order to understand SharePoint Apps, authentication and authorization. Learn about the different type of Apps, the underlying Apps architecture and how to configure an on-premises environment to support Apps. Also you will learn about the different authentications options available for integrating apps, devices, and applications for on-prem scenarios, in the cloud and hybrid.
The presentation will give people an overall picture of Lotus Notes transition to Office 365. It's not just a "getting started" guidance but also a handbook for those who are planning for Microsoft Cloud transformation.
SPS calgary 2017 introduction to azure functions microsoft flowVincent Biret
Slides of the session introduction to Microsoft flow and azure functions during SPSYYC. Lean to create no-code powerful workflows and extend those in a matter of minutes with Azure Functions
#SPSBrussels 2017 vincent biret #azure #functions microsoft #flowVincent Biret
Slides of the session given at the SharePoint Saturday Brussels 2017 around Microsoft flow and Azure Functions. This session is an introduction to both services and how you can combine them
What can you do with Azure Mobile Services? In a big solution, made up of several services, you can control your remote infrastructure looking at you events collected in a DB and you can send commands.
Deliver an Enhanced User Experience by Combining Azure, Teams and the Microso...Frederik Bisback
Does your company have several teams demanding test environments in Azure? Well, then I will tell you how you can combine Azure Blueprints (Custom Connector), PowerApps, Power Automate and Microsoft Teams to get in total control of the environment.
The app will be used to send requests, gather feedback and manage the environment. Teams will be used to send approvals to the Team Manager and inform the requester once the environment has been provisioned. And of course, all of this will be automated with Low Coding.
This is a presentation to provide an overview of the automation options available to you in Office 365. From the desktop to third party apps, there are a lot of ways to automate repetitive tasks and give you more free time.
#SPSNYC 2018 Migrate your custom components to the #SharePoint Framework #SPFXVincent Biret
Slides supporting the session at 2018 SharePoint Saturday New York CIty. Talking about the SPFX azure functions the microsoft graph, provisioning, site scripts and so much more!
Microsoft Graph API - A Single Stop For Your Cloud SolutionDipti Chhatrapati
The purpose of this slide is to help you to build a Cloud App using Microsoft Graph API as per your business requirement that works with data from different cloud services whether it’s a one-drive, outlook, office 365 Groups, Users and many more.
I have categorized information by seven rainbow colored steps to understand how Microsoft Graph API is a single stop for your cloud solution , hope you will enjoy it !
#MicrosoftGraph Community call - automating your digital workplace provisioni...Vincent Biret
Slides supporting the demonstration during the september 2019 community call. Recording is on youtube. Talking about Office 365, Microsoft Graph, Azure Functions and more
#MSBuild using #IoT to improve peoples's health and brain powerVincent Biret
Slides supporting the Microsoft Build 2019 session. This session exposes a mix of production experience and do it yourself hacking solutions to improve personal health.
#SPSHouston Automating your digital workplace proivisioning with #Azure Durab...Vincent Biret
Slides supporting the session during SharePoint Saturday Houston. Talking about Azure Durable Functions, SharePoint Framework, Architecture, and the Microsoft Graph
Microsoft #ignite tour #toronto 2019 How to do #DevOps with the #SPFx and why...Vincent Biret
Slides supporting the session during the Microsoft Ignite tour Toronto. Talking about Azure DevOps, DevOps philosophy and practices, unit testing and much more.
#ESPC18 how to migrate to the #SharePoint Framework?Vincent Biret
Slides supporting the session at the European SharePoint Conference 2018. Mostly talking about the SharePoint Framework and other powerful tools that can save developement time
#ESPC18 How to do #devops with the #SharePoint Framework and why it matters?Vincent Biret
Slides supporting the session at the European SharePoint Conference 2018. Mostly talking about continuous integration, automated testing and continuous deployment
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
2. Passioned by technologies, development and community
Vincent Biret
@baywet
bit.ly/vince365
MVP Office Servers and Services
Azure and Office 365 developer @ 2toLead
3. Devs, devops, deciders. Endless possibilities, faster time to market, focus on business
value
Audience?
4. Microsoft made a subsequent investment for a few years to unify it’s API’s, authentication
modes and data formats as well as deliver a converging model.
Why the Microsoft Graph? Thanks
Yina!
8. Or modern web developers’ nightmare
Authentication & Authorization
9. AAD has become the key central identity service for Microsoft and provides a seamless
experience to end users.
Microsoft’s Central Identity Service
• Leveraged by all Office 365 workloads
• Stores Users, Groups, Applications…
• Provides many capabilities
• Hybrid: SSO, Federation, Synchronisation
• Enforced security: MFA, geo-fencing,
• Increased Productivity: SSPR, B2C
10. Situation is painful, v2 slowly catching up, Microsoft is trying to improve it. When starting
a project, take the limitations into account and go from there.
ADAL and MSAL
• Two auth libraries from Microsoft for AAD
• ADAL talks to v1 endpoints
• MSAL talks to v2 endpoints
• MSAL still in preview but commercially supported
11. V1 is still recommended if you’re only working with O365 accounts. Microsoft is working
hard to migrate services and make models converge.
Two endpoints: details
• V2 brings:
• Unified Authentification and
autorisation for MSID and AAD
• Dynamic Scopes (opposed to
ressources)
• Client credential flow
• On Behalf Flow
• V2 Limitations:
• # of secrets
• securing APIs
• Not showing up in Azure Portal
• no wildcard redirect URL
• Limited « resources » available today
• No SAML or WS-Federation backend
12. Microsoft makes the consent flow much more flexible for developers, and gives more
control to users
Resource VS Scope
• Resource: « an application that can receive a token and provide
services »
• Eg: https://graph.windows.net
• Scope: « a subdivision/permission on that resource »
• Eg: Directory.Read, Directory.Write
• With V2 you need to provide all the resource:scope in the request,
allowing you to have gradual content
13. It’s important to understand which tokens you’ll be getting to avoid confusion.
Token types
ID Token
Access Token
Always Important to remember for which
resource
Refresh Token
Always Important to remember for which
resource
16. As application developers we DO NOT want to store username/password. Delegating that
responsability to AAD diminushes the exposed surface a lot if our app gets compromised
Basic principle (ultra simplified)
MS Graph
Get a token
17. In this scenario we simply want to display information about the user on the app. The
access token is short lived and you won’t get a refresh token
OIDC Implicit Grant
MS Graph
1 id token + access token A
Open Id Connect + OAuth 2.0
(in her browser)
3 gets the data
18. In this scenario we want to sync some data on the local device. The importance is
getting a refresh token
OIDC Authorization Code grant
MS Graph
1 authorization code
2 access token + id
token + refresh token
(in her App)
Bakground agent
1 presents refresh token to AAD
2 gets access token
4 gets the data
19. In this scenario let’s suppose we want to crawl data for all users with a backend process.
This scenario acts as the application alone.
Client Credentials Grant (V2)
MS Graph
2 access
token
gets the data
20. In this scenario we want to check if the user is under age or not for alcohol drinking and
our API is going to hold the logic. The important difference: we only declared 1 app
On Behalf Flow (v2)
MS Graph
1 id token + access token A
Open Id Connect + OAuth 2.0
4 access
token B
5 gets the data
(in her browser)
22. The “be nice, eh” solution
The need
• We want to encourage people to have better interactions
• For that we’re going to “scan” their emails
• Score the sentiment
• Have a webpart that displays average score per user on the company
portal
23. The solution requires a minimal development effort thanks to the integration between
the services provides by Office 365 and the infrastructure provided by Azure.
The architecture
MS
Graph
1
4
1 – Users send/receive emails
2 – Exchange communicates with
Graph
3 – Graph triggers our function for
analysis
4 – Users log into SP Portal
5 – SPFX webpart contacts Azure
function for data
26. SharePoint Framework in a few words
• First party and third extension
model
• Modern tooling
• Open source based
• More examples
• More community support
• Bigger developer community
• Bigger choice of tools
• Smaller footprint
• Better peformances
27. Since v1.4.1 SPFX has built-in partial support for the Microsoft Graph with SharePoint
Online only
SharePoint FrameWork + Graph
30. Improving the « pay for what you use » and the elasticity principles, it also provides a
total abstraction of servers
Serverless definition
31. Enable your team to deliver solutions faster, in a mosre structured way moving the focus
on the business logic
Benefits
32. From zero to productions in 7 steps! Microsoft’s answer to serverless
Azure functions
• Pick a language
• Pick a trigger
• Add some inputs/outputs
• Write the business logic code
• (test/deploy)
• Scale your service
• Ship to production!!!
37. Microsoft’s goal is to make « citizen developers » lives easier by providing robust and yet
simple tools
Microsoft Graph + Azure Functions
• Serverless benefits
• Microsoft Graph data access
• Built in security
• More flexible than Microsoft Flow
38. These bindings handle a lot of the boiler plate for you, saving a lot of time and headache
New Azure functions bindings (v2)
Azure Function queries the
Microsoft Graph
Web hook
Calls the function
MS Graph
39. Only with functions v2, still in preview. Most important ones being webhooks + auth that
allow you to do anything. You can also leverage flow as a relay.
Azure Functions + Microsoft Graph
•Excel table input/output bindings
•OneDrive File input/output bindings
•Outlook output binding
•Auth token input binding
•WebHook triggers/binding
40. All the new SPFX capabilities came out with 1.4.1. It’s becoming seamless to integrate
those technologies together.
SharePoint Framework + Azure Functions
• SPFX helps “linking” AAD app + SPFX solution
• SPFX helps “getting the tokens”
• SPFX helps “talking to the graph/secure API” (preview)
• Azure functions can be “secured” via bearer token (AAD)
42. Microsoft must put safeguards to guarantee service level and customer’s satifastication
Context
• Office 365 is a set of services
• These services rely on limited resources
• (memory, CPU, IOPs, Bandwith…)
• These resources are associated to a cost
• (hardware, cooling, electricity, facility, maintenance, operating…)
• Any service outage impacts customer satisfaction (and revenue)
43. Bounderies are defined for multiple service concepts and levels, which sometimes makes
it hard to understand
Model
• Usage of anything is always limited
• Those limits can be dynamic or fixed
• API usage is dynamic
• Storage for a user/site collection is fixed
• Some of those limits can be increased by the SKU and/or the number
of seats
• API usage is throttled by a per user base (at first)
44. From the Microsoft Graph to the internal service, the user usage will always be
considered first, and then the tenant at large
Local resources
Office 365 perimeter network
Microsoft Graph
Workload’s API
Internal service
Service
resources
45. The idea is to limit your usage of the resource, flatten the spikes, keep key features alive
while shutting other off, or even tell the user to back-off before everything shuts down
What can you do?
• Cache reading operations (if possible)
• In proc, in memory, distributed cache (Redis)
• Watch for Rate-Limit Limit, Remaining, and Reset response headers*
• Watch for 429’s or 503’s and implement incremental backoff policies*
• Or better delay the operation until the Retry-After response header
• Implement Circuit Breaker Design pattern
• Throttle your own incoming traffic using Telemetry
46. The quotats are always per user based, x users = x « quotat points », 1 app only = 1
quotat point, avoid using app only if not necessary
Circuit Breaker Design pattern
MS Graph
48. The Microsoft Graph allows you to build extraordinary solutions, because it’s an
aggregation of different services, it comes with things to consider
Conclusion
•Getting AuthZ & AuthN right is
crucial!
•Mind throttling from day 1
•SPFX & Azure Functions are here to
help make things simpler
Devs, devops, deciders
Why should you care? Endless possibilities, faster time to market, focus on business value
It’s a tremendous opportunity for developers whether you’re ISV, consultants or at a customers to provide rich and innovative applications.Doesn’t add any cost to office 365.
Also provide some form of intelligence
Gestion des questions, interaction, ok avec ce programme?
Client credential flow: service can id alone without impersonification (service account)
On behalf flow: in a certain context an app can relay authentifcation via API to present APP + user and not only user (in excel for eg)
On behalf flow will help a lot office add-ins to access custom APIs
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-limitations
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-compare
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-service-to-service
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-on-behalf-of
https://myignite.microsoft.com/sessions/55110?source=sessions
First the user accesses APP/API as anonymous
App redirects him to AAD to first authenticate, then consent/grant, authorize.
AAD redirects the user to the application, with the identity token.
That identity token can be leveraged to request an access token to other resources/scopes.
At the moment OIDC Code Grant + on behalf flow DO NOT WORK TOGETHER
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code
https://www.scottbrady91.com/OpenID-Connect/OpenID-Connect-Flows
Previously called service to service
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-certificate-credentials
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-service-to-service