Microsoft Office 365 · Authentication Profile

Microsoft Office 365 Authentication

Authentication

Microsoft Office 365 secures its APIs with http and oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode and clientCredentials flow(s).

CloudCollaborationEnterpriseMicrosoftProductivity
Methods: http, oauth2 Schemes: 2 OAuth flows: authorizationCode, clientCredentials API key in:

Security Schemes

oauth2 oauth2
· flows: authorizationCode, clientCredentials
bearerAuth http
scheme: bearer

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/microsoft-graph-api-openapi.yml
summary:
  types:
  - http
  - oauth2
  oauth2_flows:
  - authorizationCode
  - clientCredentials
schemes:
- name: oauth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
    tokenUrl: https://login.microsoftonline.com/common/oauth2/v2.0/token
    scopes: 17
  - flow: clientCredentials
    tokenUrl: https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
    scopes: 1
  description: Microsoft identity platform OAuth 2.0 authorization. Supports delegated (user)
    and application-only permissions. Microsoft Graph uses scopes to control access to resources.
  sources:
  - openapi/microsoft-graph-api-openapi.yml
- name: bearerAuth
  type: http
  scheme: bearer
  bearerFormat: JWT
  description: Bearer token obtained from the Microsoft identity platform. Use an access token
    in the Authorization header of each request.
  sources:
  - openapi/microsoft-graph-api-openapi.yml