I have 2 services, let's say A and B configured as web apps in azure. B needs a JWT bearer token to return a value. So when we try to call B from A, we Include the JWT bearer token in HTTP call from A using the Client Credential Grant flow explained here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow
Now the AAD registration of service B doesn't have localhost as it's reply URL but I noticed that I was able to talk to it from localhost. So Does AAD not respect reply URLs in client credential grant flow?
My understanding of reply URLs is this:
“In the case of a web API or web application, the Reply URL is the location to which Azure AD will send the authentication response, including a token if the authentication was successful.”
I'm using AuthorizationContext.AcquireTokenAsync() method with client credentials of App A and resource id of App B. So It should not return me the token to localhost because it's not configured?
