Versions Compared

Version Old Version 7 New Version 8
Changes made by

Blagica

Blagica

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Proposed
Application Name

Platform Type

Client
Secret
Required

Grant Type

Scopes & API Permissions

App Roles & API Permissions

Token Claims

Redirect URIs

gateway-service
(C2B)

  1. Web

Authorization
Code

  • openid

  • profile

  • email

  • offline_access

  • custom_scope

  • family_name

  • given_name

  • preferred_username

  • email

  • groups

  • https://<ModelOp Center URL>/login/oauth2/code/gateway-service

internal-client
(B2B)

Client
Credentials

  • Group.Read.All* (API Permission granted for Microsoft Graph, not for internal-client)

  • modelop_client

  • idtyp

external-integration-client
(C2B)

  1. Single-page application

  2. Mobile and desktop applications

Implicit

Authorization
Code with PKCE

  • custom_scope

  • family_name

  • given_name

  • preferred_username

  • email

  • groups

  1. Single-page application; Redirect URIs

    1. https://<ModelOp Center URL>/jupyterOauth2ImplicitGrant.html

    2. https://<ModelOp Center URL>/modelOpWDC.html

  2. Mobile and desktop applications; Redirect URIs

    1. https://oauth.powerbi.com/views/oauthredirect.html

go-cli
(C2B)

Password

  • custom_scope

  • family_name

  • given_name

  • preferred_username

  • email

  • groups

*The Group.Read.All permission for Microsoft Graph is necessary only if a customer is unable to include the group names, instead of group ids, as part of the access token. With Group.Read.All permission granted, ModelOp Center will be able to retrieve the group names from Microsoft Graph and display them instead of their ids throughout the platform.

NOTE: Once the internal-client app has been created, please open the “Overview” tab for the app and click on:

...