The Cloud AP provider returns a successful authentication response to Windows. The Cloud AP provider uses the device's private transport key to decrypt the session key and protects the session key using the device's Trusted Platform Module (TPM). The Cloud AP provider receives the encrypted PRT with session key. When the nonce is validated, Azure AD creates a primary refresh token (PRT) with session key that is encrypted to the device's transport key and returns it to the Cloud AP provider.

Azure AD validates the signature and then validates the returned signed nonce.
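The signature check, nonce check and session-key wrapping described above can be modelled in a few lines of Go; this is an added example, not Microsoft's implementation or code from the original page. The names `IdP`, `Issue` and `RunExchange`, the RSA PKCS#1 v1.5 signature, the RSA-OAEP wrapping and the single-use nonce handling are assumptions, and TPM protection of the recovered key is not modelled.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// IdP stands in for the token service (hypothetical type, not a real API).
type IdP struct {
	nonce   []byte         // outstanding nonce, cleared once used (assumed)
	signPub *rsa.PublicKey // verifies the nonce signature (RSA assumed)
	tkPub   *rsa.PublicKey // device transport public key
}

// Issue validates the signature, then the nonce, then wraps a session key.
func (s *IdP) Issue(nonce, sig []byte) ([]byte, []byte, error) {
	h := sha256.Sum256(nonce)
	if rsa.VerifyPKCS1v15(s.signPub, crypto.SHA256, h[:], sig) != nil {
		return nil, nil, fmt.Errorf("signature invalid")
	}
	if s.nonce == nil || !bytes.Equal(nonce, s.nonce) {
		return nil, nil, fmt.Errorf("nonce unknown or already used")
	}
	s.nonce = nil // single use: a captured signed nonce cannot be replayed
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, s.tkPub, key, nil)
	return wrapped, key, err
}
// RunExchange plays both sides once, then replays the same signed nonce.
func RunExchange() (keysMatch bool, replayErr error) {
	signKey, _ := rsa.GenerateKey(rand.Reader, 2048)   // constructed test key
	transport, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed test key
	nonce := []byte("constructed-nonce-0001")
	idp := &IdP{nonce, &signKey.PublicKey, &transport.PublicKey}
	h := sha256.Sum256(nonce)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, signKey, crypto.SHA256, h[:])
	wrapped, issued, _ := idp.Issue(nonce, sig)
	// Client side: only the private transport key recovers the session key.
	got, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, transport, wrapped, nil)
	_, _, replayErr = idp.Issue(nonce, sig)
	return err == nil && bytes.Equal(got, issued), replayErr
}
func main() { fmt.Println(RunExchange()) }
```

Because the session key is encrypted to the transport public key, an intercepted response is useless without the device's private transport key, and the second `Issue` call fails because the nonce was consumed by the first.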