Hi Team,
We have an application which is an archiving system
and the source for this is Exchange Online. We connect to Exchange server to communicate and access mails which needs to be archived in our system. Currently we are using basic authentication to authenticate the users in our application. Since basic authentication
is going out of support, we are working on migration from basic authentication to OAuth. Considering
this we now see that there are several authentication flows provided by MSAL out of which the shortlisted approach is
1) Authorization code flow
2) Client credentials flow
In order to confirm on these we wanted some clarity
on these approaches:
1) Pros and cons of Authorization code flow v/s Client
Credentials flow
2) Additionally, we have one query on permission types.
If we use Authorization code flow we were dealing with delegated permissions and when we use Client credentials flow we had to use application permission.We
wanted to know if there is a major difference in the permission types.
3) It's mentioned that client credentials only works
with web client, currently in our desktop application, we were able to use this flow and access the web API. Can we continue using this flow? On a longer run will there be any bottleneck?
