API authentication is necessary to secure API access from any unauthorized user. There are several ways to secure APIs. OAuth token validation is used to authenticate the user. One of the methods is to use Azure AD as an OAuth provider to secure an API invocation. The Azure AD provides an authentication token when the user sends a request to the login URL with a valid client_id and client_secret to the microsoftonline.com login.
Architecture
The below sequence diagram shows the design of the OAuth authentication process when Azure AD is used as an OAuth provider to authenticate REST API access implemented in IBM API Connect. 