ms-auth-0.1.0.0: Microsoft Authentication API
Safe HaskellSafe-Inferred
LanguageHaskell2010

Network.OAuth2.Provider.AzureAD

Description

Settings for using Azure Active Directory as OAuth identity provider

Both Delegated (On-Behalf-Of) and App-only (i.e. Client Credentials) authentication flows are supported. The former is useful when a user needs to login and delegate some permissions to the application (i.e. accessing personal data), whereas the second is for server processes and automation accounts.

Synopsis

Documentation

data AzureAD Source #

Instances

Instances details
Show AzureAD Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

showsPrec :: Int -> AzureAD -> ShowS #

show :: AzureAD -> String #

showList :: [AzureAD] -> ShowS #

Eq AzureAD Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

(==) :: AzureAD -> AzureAD -> Bool #

(/=) :: AzureAD -> AzureAD -> Bool #

type IdpUserInfo AzureAD Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

type IdpUserInfo AzureAD = AzureADUser

App flow

azureADApp Source #

Arguments

:: Text

application name

-> ClientId 
-> ClientSecret 
-> [Scope]

scopes

-> IdpApplication 'ClientCredentials AzureAD 

Azure OAuth application (i.e. with user consent screen)

NB : scope offline_access is ALWAYS requested

create app at https://go.microsoft.com/fwlink/?linkid=2083908

also be aware to find the right client id. see https://stackoverflow.com/a/70670961

Delegated permissions OAuth2 flow

data OAuthCfg Source #

Configuration object of the OAuth2 application

Constructors

OAuthCfg 

Fields

data AzureADUser Source #

https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo

Instances

Instances details
FromJSON AzureADUser Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

parseJSON :: Value -> Parser AzureADUser #

parseJSONList :: Value -> Parser [AzureADUser] #

Show AzureADUser Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

showsPrec :: Int -> AzureADUser -> ShowS #

show :: AzureADUser -> String #

showList :: [AzureADUser] -> ShowS #

Eq AzureADUser Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

(==) :: AzureADUser -> AzureADUser -> Bool #

(/=) :: AzureADUser -> AzureADUser -> Bool #

Ord AzureADUser Source # 
Instance details

Defined in Network.OAuth2.Provider.AzureAD

Methods

compare :: AzureADUser -> AzureADUser -> Ordering #

(<) :: AzureADUser -> AzureADUser -> Bool #

(<=) :: AzureADUser -> AzureADUser -> Bool #

(>) :: AzureADUser -> AzureADUser -> Bool #

(>=) :: AzureADUser -> AzureADUser -> Bool #

max :: AzureADUser -> AzureADUser -> AzureADUser #

min :: AzureADUser -> AzureADUser -> AzureADUser #

azureOAuthADApp Source #

Arguments

:: OAuthCfg

OAuth configuration

-> IdpApplication 'AuthorizationCode AzureAD 

Azure OAuth application (i.e. with user consent screen)

NB : scopes openid and offline_access are ALWAYS requested since the library assumes we have access to refresh tokens and ID tokens

Reference on Microsoft Graph permissions : https://learn.microsoft.com/en-us/graph/permissions-reference

create app at https://go.microsoft.com/fwlink/?linkid=2083908

also be aware to find the right client id. see https://stackoverflow.com/a/70670961