-
Notifications
You must be signed in to change notification settings - Fork 10
MS specs which Himmelblau uses
David Mulder edited this page May 8, 2024
·
3 revisions
This page is intended as a place to gather all the MS specification documents that Himmelblau implements, as well as comments about the accuracy of the specs.
-
[MS-OAPX]: OAuth 2.0 Protocol Extensions
- Used in the MSAL PublicClientApplication for general authentication.
-
[MS-OAPXBC]: OAuth 2.0 Protocol Extensions for Broker Clients
- Used in the MSAL BrokerClientApplication for PRT requests.
-
[MS-DVRJ]: Device Registration Join Protocol
- Sections 3.1.5.1.1.1 and 3.1.5.1.1.2 are mostly accurate and used in [MS-DRS] Section 2.1.
-
[MS-DVRE]: Device Registration Enrollment Protocol
- This protocol appears to be used by the DRS service in Azure to enroll the client device. Section 2.3.3 Alt-Security-Identities matches the device object which is created within the directory. The client does not use this protocol, but is useful as a reference.
-
[MS-DVRD]: Device Registration Discovery Protocol
- Accurate, but missing many services, see [MS-DRS] Section 3.1.
-
[MS-KPP]: Key Provisioning Protocol
- This is used by MSAL to provision a Windows Hello for Business key. The process for requesting a PRT using that key does not appear to be document (although MSAL copies Windows behavior here to request the PRT).