1.5 Prerequisites/Preconditions

A prerequisite to implementing the OAuth 2.0 Protocol Extensions is that the REQUIRED parts of AD FS as they apply to the Authorization Grant ([RFC6749] section 1.3) have been implemented on the AD FS server.

The OAuth 2.0 Protocol Extensions assume that if the OAuth 2.0 client requests authorization for a particular resource, or relying party, secured by the AD FS server, the client knows the identifier of that resource. These extensions also assume that the OAuth 2.0 client knows its own client identifier and all relevant client authentication information if it is a confidential client.

The OAuth 2.0 Protocol Extensions assume that they, the OAuth 2.0 Protocol Extensions for Broker Clients [MS-OAPXBC], and the OpenID Connect 1.0 Protocol Extensions [MS-OIDCE], if being used, are all be running on the same AD FS server.