This flow is one in which the code provided by the AS as a result of the app-invoked embedded browser is delivered to a server-side endpoint – via an HTTP redirect. This last step is espied by the app, which shuts down the browser and interacts with the website t0- get itself a local session, app to site. The site’s own webapp process has, meantime, converted the code to a token, to support the maintenance of the local session. This interaction is configured by setting identity values in the mobile app configuration to align with that of an associated AAD application (and vice versa):
we configure the mobile backend site to talk to the “homespotter webapp” AAD application registration, in our netmagic.onmicrosoft.com AAD tenant.