Any document/resource to help us understand how cookies works in AAD authentication? (OAuth))

Zhiyuan Zhang 21 Reputation points
2020-01-07T18:19:06.057+00:00

I am interested in how AAD use the cookies. There is the link describes cookies definition for AAD B2C.
https://learn.microsoft.com/bs-latn-ba/azure/active-directory-b2c/cookie-definitions
But this link does not include all of the cookies I have seen from my browser. Maybe this link is all about B2C only. Do you have any resource (article or url) to help me understand how Azure AD works with cookies?
It would be great you have some video training session for this topic.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,768 questions
0 comments No comments
{count} votes

Accepted answer
  1. Frank Hu MSFT 81 Reputation points
    2020-01-07T20:23:28.267+00:00

    Hey @Zhiyuan Zhang ,

    Which cookies are you referring to? It depends on which flow you're using, the EasyAuth module for example for app services utilizes cookies much more than the oauth2/oidc/implicit flows.

    I suggest taking a look at chris gillium's blog regarding the easy auth module's cookies : https://cgillum.tech/category/easy-auth/

    In regards to OAuth2 and OIDC, the main resources for learning about how the cookies work would be the official MSFT documentation regarding how the flows work. This can be found here : https://learn.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios

    Specifically for SSO which is typically when cookies are most interesting, I suggest taking a look at the Seamless SSO deep dive and technical docs : https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-how-it-works
    https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on


0 additional answers

Sort by: Most helpful