Hi,
I've read some blogs and the parts of the documentation of azure active directory concerning OAuth 2.0 and played arround with it. Now I'm wondering, if I got the following right:
When I want application A to get an OAuth2.0-Token for accessing application B I have to do the following steps:
- Create both applications in Azure AD
- Alter the manifest of application B to define some rights to delegate
- Map application B to application A and select some rights
- Let Application A talk to it's OWN OAuth2.0-Endpoints to get a token for accessing application B. For that, I have to specifiy resource=URI_OF_APP_B within the requests
- Use that token to access application B
Did I get this right?
Wishes,
Manfred