OAuth requires the authenticating user to interact with Azure Data Lake Storage using the browser. The provider facilitates this in various ways as described below.

Embedded Credentials

Desktop Applications

See Embedded Credentials to connect with the provider's embedded credentials and skip creating a custom OAuth app.

Headless Machines

See Headless Machines to skip creating a custom OAuth app and authenticate an application running on a headless server or another machine where the provider is not authorized to open a browser.

Custom Credentials

Instead of connecting with the provider's embedded credentials, you can register an app with Custom Credentials to obtain the OAuthClientId and OAuthClientSecret.

When to Create a Custom OAuth App

Web Applications

You need to create a custom OAuth app in the web flow.

Desktop Applications

Creating a custom OAuth app is optional as the provider is already registered with Azure Data Lake Storage and you can connect with its embedded credentials. You might want to create a custom OAuth app to change the information displayed when users log into the Azure Data Lake Storage OAuth endpoint to grant permissions to the provider.

Headless Machines

Creating a custom OAuth app is optional to authenticate a headless machine; the provider is already registered with Azure Data Lake Storage and you can connect with its embedded credentials. In the headless OAuth flow, users need to authenticate via a browser on another machine. You might want to create a custom OAuth app to change the information displayed when users log into the Azure Data Lake Storage OAuth endpoint to grant permissions to the provider.

Creating a Custom OAuth App

See Creating a Custom OAuth App for a procedure.