Archive for February, 2020
Modern Authentication process flow:
02/26/2020
- Client (Outlook) sends a request to Exchange Online (EXO) to access the mailbox and download data.
- Next, EXO requests that the client authenticate to Azure AD.
- Azure AD informs EXO that the user's domain is federated and provides the auth URL for EXO to authenticate with the IdP, based on the root domain of the user.
- For example, user@tecism.com authenticates to sts.tecism.com.
- ADFS then communicates with your domain controller to authenticate the user account.
- The DC successfully authenticates the user, and sends the information back to ADFS.
- ADFS then sends the authenticated user token back to the client.
- The user’s client (Outlook 2016, Outlook 2013, Outlook app, etc.) then goes to Azure AD with the token to authenticate, and upon successful authentication is provided with access and refresh tokens that can be used for subsequent logins.
- The client then takes those access tokens and provides them to Exchange Online so it can access the user data.
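
The realm-discovery step in this flow decides which IdP the user's credentials are sent to, so the returned auth URL is worth validating against the user's root domain. The following is an added example, not part of the original post: the JSON field names (`NameSpaceType`, `AuthURL`, `DomainName`) are an assumption about the realm-discovery response, the sample responses are constructed, and `check_realm` and `extra_trusted_hosts` are hypothetical names.

```python
import json
from urllib.parse import urlsplit

# Constructed sample responses (values are made up; field names are assumed).
SAMPLE_FEDERATED = json.dumps({
    "Login": "user@tecism.com", "NameSpaceType": "Federated",
    "DomainName": "tecism.com",
    "AuthURL": "https://sts.tecism.com/adfs/ls/?username=user%40tecism.com",
})
SAMPLE_MANAGED = json.dumps({
    "Login": "user@tecism.com", "NameSpaceType": "Managed",
    "DomainName": "tecism.com",
})
# Federated, but the IdP host only *looks* like it sits under tecism.com.
SAMPLE_LOOKALIKE = json.dumps({
    "Login": "user@tecism.com", "NameSpaceType": "Federated",
    "AuthURL": "https://sts.tecism.com.login.example/adfs/ls/",
})
SAMPLE_PLAIN_HTTP = json.dumps({
    "Login": "user@tecism.com", "NameSpaceType": "Federated",
    "AuthURL": "http://sts.tecism.com/adfs/ls/",
})


def check_realm(upn, realm_json, extra_trusted_hosts=()):
    """Return (verdict, detail) for one realm-discovery response.

    verdict is 'not-federated', 'federated-ok' or 'federated-suspect'.
    """
    realm = json.loads(realm_json)
    if realm.get("NameSpaceType") != "Federated":
        return "not-federated", "no redirect to an on-premises IdP"
    auth = urlsplit(realm.get("AuthURL") or "")
    host = (auth.hostname or "").lower()
    root = upn.rsplit("@", 1)[-1].lower()
    if auth.scheme != "https":
        return "federated-suspect", f"IdP URL is not HTTPS: {host or 'missing'}"
    # Label-aware suffix match: 'sts.tecism.com' passes for 'tecism.com',
    # 'sts.tecism.com.login.example' and 'eviltecism.com' do not.
    in_root = host == root or host.endswith("." + root)
    if in_root or host in {h.lower() for h in extra_trusted_hosts}:
        return "federated-ok", host
    return "federated-suspect", f"IdP host {host} is outside {root}"
```

Organizations whose IdP is hosted outside the user's root domain would pass that hostname in `extra_trusted_hosts`; a `federated-suspect` verdict for a domain you own is a reason to review the domain's federation settings.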