PL 400 : perform authentication by using OAuth (Use platform APIs)

With the advancement of technology era, identity authentication is the major challenge in the computer world. Modern business cannot be imagined with computers, software and data. Nowadays, cloud computing technology is augmenting the model and technocrats are trying to find a solution to the authentication problem. In other words, they are trying to reach the right people at the right time. Authentication is not a new concept in the modern technology world.

Authentication is the process of recognizing a user's identity.


In April 2007, a group of talented people formed a group called the OAuth Discussion Group and drafted a proposal for an open protocol and gradually published a new open framework for identifying them. Nowadays, OAuth 2.0 framework is available for authentication.

OAuth stands "Open Authorization".

OAuth 2.0 is a framework, not a protocol (like version 1.0) that allows third party services to exchange user information without sharing any information. OAuth is a delegated authorization framework for REST APIs, which enables apps to have limited access to a user's data without providing the user's password.

Microsoft Dataverse uses OAuth 2.0 as its authorization standard. OAuth provides an industry-standardized mechanism for authenticating client applications against a resource. OAuth determines whether they are authorized to access the resources. Client applications must support the use of OAuth to access data using the Web API. OAuth enables two-factor authentication (2FA) or certificate-based authentication for server-to-server application scenarios.

OAuth requires an identity provider for authentication. For Dataverse, the identity provider is Azure Active Directory (AAD). To authenticate with AAD using a Microsoft work or school account, use the Azure Active Directory Authentication Libraries (ADAL) or Microsoft Authentication Library (MSAL).



When we connect using OAuth we must register an application in Azure AD tenant and define the types of applications. There are two types of applications we can register:

  • Web App/API : A type of client application that executes all code on a web server
  • Native: A type of client application that is installed natively on a device.

When we select Web app /API we must provide a Sign-On URL which is the URL where Azure AD will send the authentication response, including a token if authentication was successful. While we develop an app, this is usually set to https://localhost/appname:[port] so we can develop and debug  app locally. When we publish app, we need to change this value to the published URL of the app.

Comments

Post a Comment

Popular posts from this blog

Powering Up Your Analytics: Exploring Power Query in Power BI

Image
Data is a valuable asset that has a profound impact on almost every aspect of modern life. Its proper collection, analysis and application can promote innovation, improve efficiency and solve complex challenges in various sectors. In data processing, ETL is a comprehensive process that includes data extraction, transformation, and loading, while Power Query is a specific tool that facilitates the "extract" and "transformation" aspects of ETL, allowing data to be collected and analyzed. Permission is granted to process. And reporting. is ready. It becomes easy to do this. Microsoft's ecosystem of products. Power Query is a data transformation and data preparation engine. Power Query is available in Microsoft Excel and Power BI. Power Query provides a user-friendly and intuitive interface for data professionals and analysts to access and manipulate data from various sources without the need for extensive coding or scripting. It allows users to connect to a wide ra
Read more

Power App Component Overview : Canvas App vs Model-Driven App

Image
The Power Platform is a suite of low-code/No-code tools and technologies developed by Microsoft and Power App is integral component of Power Platform. Power App is platform that enables users to build custom web and mobile applications with a visual interface and minimal coding. The platform support various data sources, including Microsoft 365, Azure Service, and many other, enabling users to integrate and interact with their existing data and systems. In Microsoft's Power Apps, there are two main types of apps that we can create: Canvas Apps: Canvas apps provide a blank canvas where you can design highly customizable applications with a drag-and-drop interface.  Model-Driven Apps: Model-driven apps are built on top of the Dataverse, which provides a set of pre-built data entities and business logic. There are few key technical difference between Canvas App and Model Driven App: During the usability analysis, these high-level technical differences need to be considered. The choi
Read more

Exam PL-400: Microsoft Power Platform Developer

 Create a technical design (10-15%) Validate requirements and design technical architecture design and validate the technical architecture for a solution design authentication and authorization strategy determine whether you can meet requirements with out-of-the-box functionality determine when to use Logic Apps versus Power Automate flows determine when to use serverless computing, plug-ins, or Power Automate determine when to build a virtual entity data source provider and when to use connectors Design solution components design a data model design Power Apps reusable components design custom connectors design server-side components Describe Microsoft Power Platform extensibility points describe Power Virtual Agents extensibility points including Bot Framework skills and Power Automate flows describe Power BI extensibility points including Power BI APIs, custom visuals, and embedding Power BI apps in websites and other applications describe Power Apps portal extensibility points incl
Read more