This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Azure AD - What is the purpose of Authentication ID / Password

Hello!

So, I know we use OAUTH2 for doing all the Azure AD stuff, but what is the reason for the Authentication ID and Password, which appears to be required in the documentation?

I have set these, and it works, but was wondering why we need this authentication at all. I guess it's because the Client ID and Password is not enough to get a login? And if this is the case, I wonder if there are plans to not require the Username and Password any more.

Thanks,

-K

Parents
  • 0  

    Hi Keith,

    I believe that Authentication ID/Password (user with password) requirements coming from MSOnline module use.

    Functionality of this MSOnline module (officially deprecated by MS a number of years ago) partially migrated to AAD/MS.GRAPH modules, but it still have some "unique" functionality.

    MSOnline module use SOAP API for access to AAD (that never properly documented by MS).

    MSOnline doesn't support Enterprise Application with certificate/secret-based authentication, only username/password method.

Reply
  • 0  

    Hi Keith,

    I believe that Authentication ID/Password (user with password) requirements coming from MSOnline module use.

    Functionality of this MSOnline module (officially deprecated by MS a number of years ago) partially migrated to AAD/MS.GRAPH modules, but it still have some "unique" functionality.

    MSOnline module use SOAP API for access to AAD (that never properly documented by MS).

    MSOnline doesn't support Enterprise Application with certificate/secret-based authentication, only username/password method.

Children
  • 0 in reply to   

    Thank you very much for the clarification. I have passed it on to the powers that be. I just wished that the Azure AD Driver could do everything without the need for Username / Password...but I now understand.  The Client ID / Client Secret lead me to believe that we did not need the authentication information, but that appears not to be the case.

    Thanks again!

    -K