MS identity platform cross-links #23234
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #19807
Looking the issue over (and I'll consider this further on upcoming UE "user experience" updates on #19286), I'd like to improve cross-links to MS identity platform docs for the basics on OAuth 2.0, OIDC, auth code flow, and tokens.
API docs cover these, and the extension methods can be found in reference source. Some of the differences are point-in-time ... ADAL to MSAL and implicit grant to auth code. We try to avoid covering migration in the reference docs. Transitions are covered by MS security docs.
These are documented in the ASP.NET Core security docs and API docs. If something (or some things) aren't clear or missing, it's best to open an issue from the relevant docs. I will take a fresh look at Blazor security docs on the UE passes, hopefully in the first half of 2022.