APP Service Authentication - Microsoft Identity Provider
Hello,
I'm trying to better understand how the APP Service Authentication with Microsoft Identity Provider really works, but the documentation and configurations are not making it truly clear to me.
I assume I'm missing some basic concepts regarding authentication, but I'm not sure where to look for that information. I also didn't find these specific questions being asked here before.
So I have two major questions:
1. Microsoft recommends using an APP Registration with Client Secret, otherwise it will use OAuth 2.0 implicit grant flow. I really don't understand how the client secret is being used here. If we're authenticating against this APP Registration, how is the Client Secret relevant?
2. On the additional checks, I also don't really understand what the Application Requirements do. If we authenticate with the credentials of any APP Registration, wouldn't it also fall under the category of the Identity Requirements?