Reading this - https://github.com/swgriffith/azure-guides/blob/master/aad-oauth2-on-behalf-of.md
Why OBO is required here and can JWT just not be pass through?
Because this is implying that, if this was not a Mobile App, but just a API or Web UI calling another API, they will always get API Gateway Token and API Gateway will always fetch OBO token. But, I never did that is many projects I implemented.
So curious to know that when this OBO like this is required.
Reading this - https://github.com/swgriffith/azure-guides/blob/master/aad-oauth2-on-behalf-of.md
Why OBO is required here and can JWT just not be pass through?
Because this is implying that, if this was not a Mobile App, but just a API or Web UI calling another API, they will always get API Gateway Token and API Gateway will always fetch OBO token. But, I never did that is many projects I implemented.
So curious to know that when this OBO like this is required.