Hello @Aakash Sharma , thank you for reaching out. For using OAuth2.0/OIDC protocol with Azure AD, there are two endpoints that are available:
- /authorize endpoint: This endpoint is used when the user tries to get Authenticated and request a Code and IdToken from Azure AD in return for a successful Authentication.
- /token endpoint: Then the second endpoint that is called is the /token endpoint and to this endpoint, the previously received code from AAD is submitted to get an access-token to make further requests to access Azure AD protected APIs, for eg: Microsoft Graph API.
You can find more details on the auth flows here:
- Auth-Code Grant Flow of OAuth: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
- Open ID Connect Flow: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.