Behavior Change: Confirmation dialog for native OAuth 2.0 applications

Microsoft identity platform team

We’re announcing that we will be introducing a user experience change to our OAuth 2.0 authorization code flow for native applications starting today. We expect this change to be fully deployed by mid-May.

Current behavior

A native application can obtain an OAuth 2.0 authorization code silently and without user interaction, if the user has already consented to the application.

New behavior

If your app requests an OAuth 2.0 authorization code through a web-view, there is no change from today.

However, if your app requests an OAuth 2.0 authorization code through a browser or in-app browser tab (such as Chrome custom tabs or ASWebAuthenticationSession), a dialog will be displayed when all the following conditions are met:

  • The user is already authenticated in the browser window with their Microsoft account or Azure Active Directory.
  • The user has already consented to use your app.
  • Your app uses a URI scheme redirect as the return URI for the authorization code request.

Call to action

If your app is affected, ensure that your application’s display name in the Azure portal app registrations blade is accurate and matches your desktop or mobile app’s name.

We welcome your feedback on UserVoice and if you have further questions reach out to us on Stack Overflow.

-The Microsoft Identity Platform Team

Feedback usabilla icon