This section contains information about the security model in App services. It describes how App services performs authentication and mediates access to resources.
As described in these pages, App services rely on OAuth 2.0 for authentication, basing data access decisions on tokens supplied with each API request. Appropriate credentials are necessary to generate these tokens. Access to App services entities is further restricted by assigned roles and permissions.