课程: Integrate Microsoft Graph in Your Applications

今天就学习课程吧!

今天就开通帐号,24,600 门业界名师课程任您挑!

The consent model

The consent model

课程: Integrate Microsoft Graph in Your Applications

开始一个月试用 购买团队方案

The consent model

- [Instructor] Now let's talk about the consent model. Now I'm talking in context of Microsoft Graph, but really I'm defining or describing a concept that is baked into Microsoft Entra ID. And by extension, this is something that is derived from the OIDC spec. Okay, so Microsoft Graph has a rich collection of APIs. Many of these APIs can expose very sensitive information or functionality. For example, create a teams channel who should be able to create such a channel, or read all users emails or profiles, or functionality that may even have a cost impact. Maybe you're using a part of Office 365 where the more you use it, the more you pay. So naturally there has to be some sort of permissioning structure. So it shouldn't be a free for all. There should be some guidelines or gates over here. That's really the problem that the consent model seeks out to solve. So Microsoft Graph applications are single tenant, third-party, or line-of-business apps. So what I mean by that is single tenant…

内容