Microsoft now has API for both Microsoft and Azure AD Accounts

Hi

Microsoft (very) recently made some changes in there oauth2 infrastructure. The big benefit is that you can use both your live passport and you azure account to login using the same code (Azure accounts are used by many business). However there seems to be some differences in the protocol compared to the current one?

I'm new to oauth so i haven't managed to understand the differences yet. but there are at lest new urls to use and you need to register a new application at Microsoft.

dialog_url=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
access_token_url=https://login.microsoftonline.com/common/oauth2/v2.0/token

Microsoft Help page:
docs.microsoft.com/en-gb/azure/acti ...

Do i dare to put out a feature request? This would be perfect addition then developing for enterprise customers.

I can add support to these new end points as a distinct "server".

These seem to return id_token JSON Web Token because it is OpenID connect, so they also return user details without an additional request to the API.

Is this what you want?

Yes that was what I was hopping for, it would be a great solution and keeping backwards compatibility.

OK, I have just updated the package and provided a new example to work with this Microsoft OpenID Connect authorization.

It will return the id_token response so you can access some user details without making a call to the API that provided user data.

Take a look at the new example script and let me know if it works well for you.

Hi

I have done som test this today, authentication works good! Thank you for your changes.

calling $client->CallApi function against the graph API dont work, returns an error (InvalidAuthenticationToken) Bearer access token is empty." this is because $client->access_token is empty?