Page Comparison

Following the OAuth 2.0 standard, ModelOp Center requires the following Azure AD configurations for a successful integration:

Scopes
1. custom_scope
App role
1. modelop_client
Apps
1. gateway-service
2. internal-client
3. external-integration-client
4. go-cli
Scopes
1. custom_scope
App role
1. modelop_client
Access token version: 2

...

For more details per application, please reference the following table:

Proposed Application Name	Platform	Client Secret Required	Grant Type	Scope	App Roles	Token Claim	Redirect URIs
gateway-service (C2B)	Web	✔	Authorization Code	openid profile email offline_access custom_scope		family_name given_name preferred_username email groups	`https://<ModelOp Center URL>/login/oauth2/code/gateway-service`
internal-client (B2B)		✔	Client Credentials		modelop_client	family_name given_name preferred_username email idtyp
external-integration-client (C2B)	Single-page application Mobile and desktop applications		Implicit Authorization Code with PKCE	custom_scope		family_name given_name preferred_username email groups	Single-page application; Redirect URIs `https://<ModelOp Center URL>/jupyterOauth2ImplicitGrant.html` `https://<ModelOp Center URL>/modelOpWDC.html` Mobile and desktop applications; Redirect URIs `https://oauth.powerbi.com/views/oauthredirect.html`
go-cli (C2B)		✔	Password	custom_scope		family_name given_name preferred_username email groups

...

NOTE: Once the internal-client app has been created, please open the Overview “Overview” tab for the app and click on:

...

For instructions on how to create custom_scopeand modelop_client, please follow the Azure AD: How to create a custom scope and an app role-to guide.

Versions Compared