Sarcouncil Journal of Engineering and Computer Sciences

Abstract: This article examines the implementation of OAuth 2.0 and OpenID Connect within Azure Entra ID, exploring both the theoretical foundations of these protocols and their practical application in enterprise environments. Beginning with an analysis of the core OAuth 2.0 components and their security model, the discussion expands to cover how OpenID Connect extends these capabilities with standardized identity assertions through JWT tokens. The article provides a detailed examination of Azure Entra ID's architectural implementation of these protocols, including its multi-tenant design and integration with the broader Microsoft ecosystem. Particular attention is given to the three primary authorization flows—Authorization Code, Client Credentials, and Implicit—with analysis of their security characteristics and appropriate use cases. The security section addresses threat modeling, vulnerability mitigation strategies, and token lifecycle management specific to Azure implementations. The article demonstrates how these protocols address diverse identity challenges across organizational boundaries. The article concludes with an exploration of emerging protocol evolutions and Microsoft's strategic direction toward decentralized identity and Zero Trust architecture integration, providing a comprehensive overview of current best practices and future developments in this critical domain of identity and access management.