Tags: azure-active-directory, openid-connect

What is the difference between IdToken vs codeIdToken when authenticating users with openIdConnect


I am authenticating a user in an ASP.NET MVC application against Azure AD. After authenticating, I am accessing Azure AD to get some users' information using the client credential flow. When authenticating users, I have this code:

new OpenIdConnectAuthenticationOptions
{
     ClientId = clientId,
     Authority = authority,
     RedirectUri = redirectUri,
     PostLogoutRedirectUri = redirectUri,
     Scope = OpenIdConnectScope.OpenIdProfile,

     // "code id_token" (hybrid flow): an ID token plus an authorization code
     // ResponseType = OpenIdConnectResponseType.CodeIdToken,
     // "id_token" (implicit flow): an ID token only, no code to redeem
     ResponseType = OpenIdConnectResponseType.IdToken,

     Notifications = new OpenIdConnectAuthenticationNotifications
                         {
                             AuthenticationFailed = OnAuthenticationFailed,
                             // Only raised when the response carries an authorization code,
                             // i.e. with CodeIdToken; it never fires with IdToken alone
                             AuthorizationCodeReceived = OnAuthorizationCodeReceivedAsync
                         }
}

I am trying to figure out what the difference is between OpenIdConnectResponseType.CodeIdToken and OpenIdConnectResponseType.IdToken, and there are other properties too. I wonder when to use which?


Solution

  • It basically tells you what you want to have back after the user is authenticated, and depending on the chosen "flow" you want to get back different items (access token, authorization code, ID token, ...).

    See this document for reference:

    OAuth 2.0 Multiple Response Type Encoding Practices
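As an added example (not part of the question or the answer, and not the OWIN middleware's own code), the following Python script works through the protocol difference the answer points at: what comes back for `response_type=id_token` versus `code id_token`, and the checks a relying party has to make in each case before trusting the response, including the `c_hash` claim that binds an authorization code to the ID token in the hybrid flow. It goes a little beyond the two response types in the question and also handles `token`/`at_hash`. It assumes the ID token's signature has already been verified (the middleware does that against the tenant's signing keys) and works on the decoded claims; the code, nonce, state and claim values are constructed samples, and `build_token_request` only assembles the back-channel body rather than sending it.

```python
"""Relying-party checks on an OpenID Connect authentication response, keyed on
the response_type that was requested.

  response_type=id_token       implicit flow: ID token only
  response_type=code id_token  hybrid flow: ID token + authorization code; the
                               ID token's c_hash claim binds the code to it
  response_type=... token      an access token is returned too; at_hash binds it

The checks follow OpenID Connect Core sections 3.1 to 3.3. Signature
verification of the ID token is assumed to have happened already; the
functions here work on decoded claims. All sample values are constructed.
"""
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode

# Digest implied by the ID token's JWS "alg" header (OIDC Core 3.3.2.11).
_ALG_TO_DIGEST = {"RS256": "sha256", "ES256": "sha256", "RS384": "sha384",
                  "ES384": "sha384", "RS512": "sha512", "ES512": "sha512"}


def left_half_hash(value: str, alg: str = "RS256") -> str:
    """Hash used for both c_hash (code) and at_hash (access token): digest the
    ASCII value, keep the left-most half, base64url-encode without padding."""
    digest = hashlib.new(_ALG_TO_DIGEST[alg], value.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest[: len(digest) // 2]).rstrip(b"=").decode("ascii")


def parse_response(body: str) -> dict:
    """Flatten a form_post body or URL fragment into single-valued parameters."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def validate_authentication_response(response_type: str, params: dict, claims: dict,
                                     expected_nonce: str, expected_state: str,
                                     alg: str = "RS256") -> dict:
    """Check that the response carries exactly what was requested and that every
    artifact is bound to this login attempt. Raises ValueError on any failure."""
    requested = set(response_type.split())
    # state ties the response to the request this RP actually issued (CSRF defence)
    if not hmac.compare_digest(params.get("state", ""), expected_state):
        raise ValueError("state mismatch: response is not bound to this login attempt")
    if requested == {"code"}:
        flow = "authorization_code"
    elif "code" in requested:
        flow = "hybrid"
    else:
        flow = "implicit"
    result = {"flow": flow, "subject": None, "code": None, "access_token": None}

    if "id_token" in requested:
        if "id_token" not in params:
            raise ValueError("id_token requested but absent")
        # nonce ties the ID token to this session; a mismatch means replay
        if not hmac.compare_digest(str(claims.get("nonce", "")), expected_nonce):
            raise ValueError("nonce mismatch: possible replayed ID token")
        result["subject"] = claims["sub"]

    if "code" in requested:
        code = params.get("code")
        if not code:
            raise ValueError("authorization code requested but absent")
        # hybrid flow: c_hash is REQUIRED and must match the code delivered with it
        if "id_token" in requested and not hmac.compare_digest(
                claims.get("c_hash", ""), left_half_hash(code, alg)):
            raise ValueError("c_hash mismatch: code does not belong to this ID token")
        result["code"] = code

    if "token" in requested:
        token = params.get("access_token")
        if not token:
            raise ValueError("access token requested but absent")
        if "id_token" in requested and not hmac.compare_digest(
                claims.get("at_hash", ""), left_half_hash(token, alg)):
            raise ValueError("at_hash mismatch: access token does not belong to this ID token")
        result["access_token"] = token
    return result


def build_token_request(code: str, client_id: str, client_secret: str, redirect_uri: str) -> dict:
    """Back-channel body that redeems the code at the token endpoint. This step
    only exists when "code" was in response_type; it is what the OWIN
    AuthorizationCodeReceived handler does to obtain a delegated access token."""
    return {"grant_type": "authorization_code", "code": code, "redirect_uri": redirect_uri,
            "client_id": client_id, "client_secret": client_secret}


# Constructed sample data for the demonstration (not real tokens or secrets).
SAMPLE_CODE = "constructed-authorization-code"
SAMPLE_NONCE = "constructed-nonce"
SAMPLE_STATE = "constructed-state"
SAMPLE_CLAIMS = {"sub": "user-123", "aud": "constructed-client-id",
                 "nonce": SAMPLE_NONCE, "c_hash": left_half_hash(SAMPLE_CODE)}


def demo() -> tuple:
    """Validate both response types against the same session; return both results."""
    implicit = validate_authentication_response(
        "id_token",
        parse_response(urlencode({"id_token": "<verified-jwt>", "state": SAMPLE_STATE})),
        SAMPLE_CLAIMS, SAMPLE_NONCE, SAMPLE_STATE)
    hybrid = validate_authentication_response(
        "code id_token",
        parse_response(urlencode({"code": SAMPLE_CODE, "id_token": "<verified-jwt>",
                                  "state": SAMPLE_STATE})),
        SAMPLE_CLAIMS, SAMPLE_NONCE, SAMPLE_STATE)
    return implicit, hybrid


if __name__ == "__main__":
    for name, outcome in zip(("id_token", "code id_token"), demo()):
        print(f"response_type={name!r}: {outcome}")
    print("token request body:", build_token_request(
        SAMPLE_CODE, "constructed-client-id", "<client-secret>", "https://rp.example/signin-oidc"))
```

Running it shows the practical difference behind the two `ResponseType` values: with `id_token` only, the relying party ends up with a signed-in subject and nothing else, so there is no token to call Azure AD on that user's behalf and the application falls back to a client-credential token as the question describes; with `code id_token`, the same sign-in also yields a code, the `c_hash` check proves the code belongs to this ID token, and redeeming it over the back channel (the `AuthorizationCodeReceived` notification in the OWIN options) gives a delegated access token scoped to the user.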