@SharmaAyushNokiaINGurgaon-5163, Ideal process is that:
- First, a search is initiated in the internal application cache to check if there is an existing token (refresh-token) available that can be used. If its present, the MSAL4J goes ahead with that old token and silently gets a new token (access-token).
- If an old token is not found (in case of a fresh login by the user), MSAL4J goes ahead with the interactive login step where it provides a pop-up/redirect with the https://login.microsoftonline.com/common/oauth2/v2.0/authorize? endpoint which is responsible for asking the user to interactively enter the username and password.
You can refer to the following doc and the sample for better understanding: https://video2.skills-academy.com/en-us/azure/active-directory/develop/quickstart-v2-java-webapp
You can check the following docs for more information:
- https://github.com/Azure-Samples/ms-identity-java-webapp/tree/master/spring-security-web-app
- https://github.com/AzureAD/azure-activedirectory-library-for-java/wiki
- Details for MSAL4J: https://github.com/AzureAD/microsoft-authentication-library-for-java
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.