{"id":2857,"date":"2019-04-18T09:00:41","date_gmt":"2019-04-18T16:00:41","guid":{"rendered":"https:\/\/developer.microsoft.com\/en-us\/office\/blogs\/?p=2857"},"modified":"2019-04-18T09:00:41","modified_gmt":"2019-04-18T16:00:41","slug":"behavior-change-confirmation-dialog-for-native-oauth-2-0-applications","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/behavior-change-confirmation-dialog-for-native-oauth-2-0-applications\/","title":{"rendered":"Behavior Change: Confirmation dialog for native OAuth 2.0 applications"},"content":{"rendered":"<p>We\u2019re announcing that we will be introducing a user experience change to our <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-oauth2-auth-code-flow\">OAuth 2.0 authorization code flow<\/a> for native applications starting today. We expect this change to be fully deployed by mid-May.<\/p>\n<p><strong>Current behavior<\/strong><\/p>\n<p>A native application can obtain an OAuth 2.0 authorization code silently and without user interaction, if the user has already consented to the application.<\/p>\n<p><strong>New behavior<\/strong><\/p>\n<p>If your app requests an OAuth 2.0 authorization code through a web-view, there is no change from today.<\/p>\n<p>However, if your app requests an OAuth 2.0 authorization code through a browser or in-app browser tab (such as Chrome custom tabs or ASWebAuthenticationSession), a dialog will be displayed when all the following conditions are met:<\/p>\n<ul>\n<li>The user is already authenticated in the browser window with their Microsoft account or Azure Active Directory.<\/li>\n<li>The user has already consented to use your app.<\/li>\n<li>Your app uses a <a href=\"https:\/\/tools.ietf.org\/html\/draft-ietf-oauth-native-apps-11#section-7.1\">URI scheme redirect<\/a> as the return URI for the authorization code request.<img decoding=\"async\" class=\"size-full wp-image-2858 aligncenter\" src=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2019\/04\/oath-change.png\" alt=\"\" width=\"410\" height=\"617\" srcset=\"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2019\/04\/oath-change.png 410w, https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-content\/uploads\/sites\/73\/2019\/04\/oath-change-199x300.png 199w\" sizes=\"(max-width: 410px) 100vw, 410px\" \/><\/li>\n<\/ul>\n<p><strong>Call to action<\/strong><\/p>\n<p>If your app is affected, ensure that your application\u2019s display name in the <a href=\"https:\/\/aka.ms\/AppRegistrations\">Azure portal app registrations blade<\/a> is accurate and matches your desktop or mobile app\u2019s name.<\/p>\n<p>We welcome your feedback on <a href=\"https:\/\/feedback.azure.com\/forums\/169401-azure-active-directory?category_id=167256\">UserVoice<\/a> and if you have further questions reach out to us on <a href=\"https:\/\/stackoverflow.com\/questions\/tagged\/azure-active-directory+or+microsoft-graph+or+azure-ad-conditional-access\">Stack Overflow<\/a>.<\/p>\n<p>-The Microsoft Identity Platform Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019re announcing that we will be introducing a user experience change to our OAuth 2.0 authorization code flow for native applications<\/p>\n","protected":false},"author":69081,"featured_media":25159,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,5],"tags":[22,66],"class_list":["post-2857","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-graph","category-microsoft-identity-platform","tag-azure-ad","tag-oauth-2-0"],"acf":[],"blog_post_summary":"<p>We\u2019re announcing that we will be introducing a user experience change to our OAuth 2.0 authorization code flow for native applications<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/2857","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/users\/69081"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/comments?post=2857"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/2857\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media\/25159"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media?parent=2857"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/categories?post=2857"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/tags?post=2857"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}