You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: Increase the resilience of authentication and authorization applications you develop
3
-
description: Overview of our resilience guidance for application development using Azure Active Directory and the Microsoft identity platform
3
+
description: Resilience guidance for application development using Azure Active Directory and the Microsoft identity platform
4
4
services: active-directory
5
5
ms.service: active-directory
6
6
ms.subservice: fundamentals
@@ -14,14 +14,19 @@ ms.date: 03/02/2023
14
14
15
15
# Increase the resilience of authentication and authorization applications you develop
16
16
17
-
Microsoft Identity uses modern, token-based authentication and authorization. This means that a client application acquires tokens from an Identity provider to authenticate the user and to authorize the application to call protected APIs. A service will validate tokens.
17
+
The Microsoft identity platform helps you build applications your users and customers can sign in to using their Microsoft identities or social accounts. Microsoft identity platform uses token-based authentication and authorization. Client application acquire tokens from an identity provider (IdP) to authenticate users and authorize applications to call protected APIs. A service validates tokens.
18
18
19
-
A token is valid for a certain length of time before the app must acquire a new one. Rarely, a call to retrieve a token could fail due to an issue like network or infrastructure failure or authentication service outage. In this document, we outline steps a developer can take to increase resilience in their applications if a token acquisition failure occurs.
19
+
Learn more:
20
20
21
-
These articles provide guidance on increasing resiliency in apps using the Microsoft identity platform and Azure Active Directory. There is guidance for both for client and service applications that work on behalf of a signed in user as well as daemon applications that work on their own behalf. They contain best practices for using tokens as well as calling resources.
21
+
[What is the Microsoft identity platform?](../develop/v2-overview.md)
22
+
[Security tokens](../develop/security-tokens.md)
22
23
23
-
-[Build resilience into applications that sign-in users](resilience-client-app.md)
24
-
-[Build resilience into applications without users](resilience-daemon-app.md)
24
+
A token is valid for a length of time, and then the app must acquire a new one. Rarely, a call to retrieve a token fails due to network or infrastructure issues or an authentication service outage. In this article, you'll find a list of articles to help increase resilience in applications.
25
+
26
+
The following articles have guidance for client and service applications for a signed in user and daemon applications. They contain best practices for using tokens and calling resources.
27
+
28
+
-[Increase the resilience of authentication and authorization in client applications you develop](resilience-client-app.md)
29
+
-[Increase the resilience of authentication and authorization in daemon applications you develop](resilience-daemon-app.md)
25
30
-[Build resilience in your identity and access management infrastructure](resilience-in-infrastructure.md)
26
-
-[Build resilience in your CIAM systems](resilience-b2c.md)
27
-
-[Build services that are resilient to metadata refresh](../develop/howto-build-services-resilient-to-metadata-refresh.md)
31
+
-[Build resilience in your customer identity and access management with Azure AD B2C](resilience-b2c.md)
32
+
-[Build services that are resilient to Azure AD's OpenID Connect metadata refresh](../develop/howto-build-services-resilient-to-metadata-refresh.md)
0 commit comments