I am trying to implement a OAuth2 implicit grant flow in an IOS app. In this case it requires a token request instead of a code request because you can't share the client secret in a native app safely.
so a request like this yields a login form:
https://login.windows.net/<tenantid>/oauth2/authorize?api-version=1.0&client_id=<client id>&response_type=token&redirect_uri=shp-apps://localhost:44300/?ReturnUrl=%2F&resource=https://graph.windows.net
After successfully login I get this error:
#error=unsupported_response_type&error_description=AADSTS70005: response_type 'token'
is not supported for the application
Trace+ID: 9008e580-2798-4b6c-a6bf-2bf614b61f64
Correlation+ID: ceb9bb4b-34a4-4441-801f-377f534543b1
Timestamp: 2014-08-26+16%3a24%3a24Z
Is this actually correct, the token request_type is not supported? or is there something else that I need to do? The application is setup as a native app. I have already been able to do a 'code' response_type in a different application in the same active directory.
Implicit grant flow is indeed not supported yet by Azure AD. For your iOS app, use the authorization code grant flow with refresh token support. You don't need to write the OAuth flow on your own - use our iOS/OSX SDK instead: https://github.com/AzureAD/azure-activedirectory-library-for-objc
Philip, stay tuned on the implicit grant flow - it is on our radar.
Hope this helps.
UPDATE: Azure AD now suports implicit grant OAuth flow. see: https://github.com/AzureADSamples/SinglePageApp-AngularJS-DotNet