Here's how to validate Entra ID access tokens in custom Microsoft 365 solutions
While many Microsoft 365 solutions involve both client-side and server-side solutions, what almost all of them have in common is the need to obtain an access token from Microsoft Entra ID to either identify who the currently signed-in user is and to call either (or both) your endpoints or an existing one. When you use access tokens to secure your endpoints, you should never assume it’s valid and secure. Access tokens are just like cash - whoever has them can use them, and whoever receives...
Andrew, a 20-year recipient of Microsoft's MVP award, scours Microsoft & community resources every week so YOU DON'T HAVE TO. Save time & stay informed - get the Microsoft 365 developers need + my insights and guidance on a trending topic. Subscribe to my bi-weekly newsletter & join 9,000+ fellow M365 developers! No clickbait · 100% free · unsubscribe anytime.
This post is free to read but only available to subscribers.
Join today to get access to all of my posts.