Increase the resilience of authentication and authorization applications you develop
The Microsoft identity platform helps you build applications your users and customers can sign in to using their Microsoft identities or social accounts. Microsoft identity platform uses token-based authentication and authorization. Client applications acquire tokens from an identity provider (IdP) to authenticate users and authorize applications to call protected APIs. A service validates tokens.
A token is valid for a length of time, and then the app must acquire a new one. Rarely, a call to retrieve a token fails due to network or infrastructure issues or an authentication service outage.
The following articles have guidance for client and service applications for a signed in user and daemon applications. They contain best practices for using tokens and calling resources.
- Increase the resilience of authentication and authorization in client applications you develop
- Increase the resilience of authentication and authorization in daemon applications you develop
- Build resilience in your identity and access management infrastructure
- Build resilience in your customer identity and access management with Azure AD B2C
- Build services that are resilient to Microsoft Entra ID OpenID Connect metadata refresh