1.3 Overview
Active Directory Federation Services (AD FS) implements parts of the OAuth 2.0 Authorization Framework [RFC6749] and extends it. Those extensions are the OAuth 2.0 Protocol Extensions and are specified in this document. They are implemented by OAuth 2.0 clients that request authorization from AD FS servers using the OAuth 2.0 protocol.
Note Throughout this specification, the fictitious names "client.example.com" and "server.example.com" are used, which are examples in [RFC6749].
In addition to the terms specified in the Glossary (section 1.1), the following terms are used in this document:
From [RFC6749]:
access token
access token request
access token response
authorization code
authorization code grant
authorization request
authorization response
authorization server
client identifier
confidential client
redirection URI
refresh token
resource owner
From [OIDCCore]:
ID token
From [RFC8628]:
Device Verification Code
User code
Verification URI