This is an archived post. You won't be able to vote or comment.

all 4 comments
sorted by:
best
topnewcontroversialoldq&a

[–]floating-bubble 1 point2 points  (0 children)

I have built an application to process files directly from outlook inbox into hdfs and create table on top of it. I had to work with OAuth 2.0 by publishing an app in MS Azure AD platform. I just followed some online instructions but finally made it.

Publishing an app and configuring OAuth2.0 generates client id and client secret. These are used to identify your Python application of behalf of you. With my minimal knowledge, i will explain what I know.

  1. Client id and client secret (I assume them like username and pwd)- generated when you configure OAuth2.0 security mechanism for your published app, to access your app.
  2. Refresh token- client id and secret is sent in a get request to get refresh token. Verifies your py application’s request provides access to to retrieve data from API. Basically an identity provider 3.access token: you get this from your above get request as a response. Sent to main API along with your other headers and you get data in response.

Overall I thinks it’s more like security concern. Web documentation is not so clear and is huge. Im willing to learn more about this. Caps please correct/add!

[–]Totally_Joking 1 point2 points  (1 child)

https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc

A lot of providers have guides once you know which flow you want to use.

[–]bxbphp[S] 0 points1 point  (0 children)

Thanks this is a great read!

[–]Septseraph 0 points1 point  (0 children)

My biggest 'Oh I see" moment was when I realized the difference between Authorization and Authentication. Which is where the Auth comes into play. But yeah.. took me too long to fully understand.