You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There are two permissions available for granting the ability to create application registrations, each with different behavior.
microsoft.directory/applications/createAsOwner: Assigning this permission results in the creator being added as the first owner of the created app registration, and the created app registration counts against the creator's 250 created objects quota.
microsoft.directory/applications/create: Assigning this permission results in the creator not being added as the first owner of the created app registration, and the created app registration won't count against the creator's 250 created objects quota. Use this permission carefully, because there's nothing preventing the assignee from creating app registrations until the directory-level quota is hit. If both permissions are assigned, this permission takes precedence.
Comparing step-up authentication with MFA using OAuth/OpenID Connect versus using the Authentication API requires examining various factors, including flexibility, integration complexity, and use-case alignment. Here's a breakdown:
OAuth/OpenID Connect
Pros:
Standardization: Leverages widely accepted standards, ensuring compatibility across a broad range of platforms and services.
Ecosystem Support: Supported by a vast ecosystem of tools, libraries, and services, facilitating easier integration and maintenance.
Delegation: Designed for delegation scenarios, allowing third-party applications secure access without exposing user credentials.
User Experience: Can offer a smoother user experience, especially for web and mobile applications, by utilizing familiar login flows and minimizing additional prompts.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters