This episode alone deserve to be your subscriber. The way you have explained it has answered my 3 year old questions.

10/10! This is a great example and explanation of grant types!

7 +Years of outlook stalking solved under 15 minutes. Love you! You deserve lots of money and good loving. Wishing you the best!

Great bro. Thanks for a lot for realistic videos

You are great bro

Thanks for the great demo. I just had one question. If I have a single page app or a native app and a backend API (django rest) completely independen of each other. In my case if my single page app/native apl wants to access certain data from backend API. And inorder to access the API, user should be logged in to the backend API. So what my approch is to make use of MSAL library to get the access token from the SPA/native app and then once token is acquired, pass that token to backend API, validate it, get the user info from graph api, if user is exists in the DB login the user and pass the required info. If user info doesn't exist then create the user, login and pass the info from API. So my question is when I pass the access token to backend api. How can we validate that the token which we passed to backend API is valid token or not? Is it just we need to make an API call to graph API? if it is able to get the user data then token is valid or if it fails then the token is invalid. Is it the general way to validate the token or some better approach is there? Please help

Useful video, but couldn't understand refresh token, how it can be revoked. How token lifetime policy will impact the flow If we have sign-in frequency under conditional access policy, will the access token expire at sign in frequency?

Great explanation sir..

Hello conceptworks, Very good explanation of tokens, I just have a question: that is the default expiration for access token from Entra ID connect? What is the difference between refresh token and Primary Refresh Token PRT? Best regards,

Thanks for the explanation.....Could you please let me know ...how to ignore session_state while sending it token endpoint

This video must be included in MS documentation.

Is Refresh token an application or user specific? can a refresh token be used to request access token for different application?

Is we get the refresh token in initial request itself via powershell instead of postman? Please advice on this

Is this token can be compromised? I know it is Base64 encoded. However, can it still be tampered if it travels down the wire? Is there any other security provisioned for this token on top of Base64 or Base64 is enough?

How to generate an authorization code? Also can you please explain how i can use access token in the header instead of authorization token

What if we use SAML instead of OpenID?

Hi, it was very informative. i have one doubt though. In my case i want to run some thread in background just to sync users data in our system and as we know access token expire in an hour and then we can use refresh token to get new access token. let me know how i can make sure that my refresh token never expire so that i can grab new access token always.

Hello Sir, please make a video on Exchange Hybrid mail flow

Thanks

How to encrypt the id token in azure ad/entra?

Can you demo how to configure Azure AD tokens with Nginx. Would be helpful

Great Video I want small help is it possible to add the payload in refresh token also like expiration time and all?

How to get new token using refresh token using postmen

Hello, if i want to write an app that retrieves new mail in a mailbox without user interactions will application only token work in this case ?

what is the liftime of these tokens?

hello sir , can u please guide me i have MFA implemented and with that how can we use lifetime access token. please reply me .

Please upload the scripts..