Home

How does both a cloud or an on-prem user gain access to SharePoint Online: cookies or access tokens?

%3CLINGO-SUB%20id%3D%22lingo-sub-670781%22%20slang%3D%22en-US%22%3EHow%20does%20both%20a%20cloud%20or%20an%20on-prem%20user%20gain%20access%20to%20SharePoint%20Online%3A%20cookies%20or%20access%20tokens%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-670781%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20trying%20accurately%20document%20the%20current%20authentication%20flow%20of%20our%20cloud%20only%2C%20and%20on-premise%20(AD%20FS)%20users%20when%20they%20attempt%20to%20access%20primarily%20SharePoint%20Online%20and%20MS%20Teams.%20Previously%2C%20I%20have%20seen%20this%20based%20on%20either%20SharePoint%20online%20detecting%20the%20presence%20of%20FedAuth%20and%20root%20Federation%20Auth%20(rtFA)%20cookies%20which%20can%20subsequently%20be%20requested%20from%20AAD%20.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHas%20this%20been%20largely%20superseded%20by%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Faccess-tokens%22%20rel%3D%22noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Identity%20Access%20Tokens%3C%2FA%3E%3F%20Are%20the%20access%20tokens%20relevant%20to%20the%20type%20of%20client%20%2F%20app%20and%2C%20or%20SSO%20set%20up%3F%20Essentially%2C%20I%20am%20trying%20to%20understand%20where%20the%20the%20cookies%20and%20the%20tokens%20fit%20in%20the%20current%20identity%20model.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-670781%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Daniel Westerdale
Regular Contributor

I am trying accurately document the current authentication flow of our cloud only, and on-premise (AD FS) users when they attempt to access primarily SharePoint Online and MS Teams. Previously, I have seen this based on either SharePoint online detecting the presence of FedAuth and root Federation Auth (rtFA) cookies which can subsequently be requested from AAD .

 

Has this been largely superseded by Microsoft Identity Access Tokens? Are the access tokens relevant to the type of client / app and, or SSO set up? Essentially, I am trying to understand where the the cookies and the tokens fit in the current identity model.

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies