Azure AD has several methods that can be used to authenticate into your application. These options are:
One approach we are going to examine in this post, is getting a request code and using that code to fetch a bearer token. To get started, we will need to add an application into Azure AD. We can do this by visiting the Application Registration Page. When working with an application in this fashion, we will want to add a platform and enter in https://localhost/ as the reply url. The other change we want to make in this screen is to add a client password as well. Save the client password as we will use it in the steps below.
First step is to open a browser and visit the following URI (replacing the values in  with your actual values).
Then we will take the URL from that redirect and copy it into Notepad. It will look similar to the URL below.
In this case we want to use the text between ?code= and &session_state similar to AQABAAIAAADXzZ3i…stripped…A9DmH-uyT-f4OsQIewC1IAA
We can use the secret we created above and the code as well to generate the next required information. We will use the Windows Subsystem for Linux (on Windows) or Bash (on mac / Linux) for the next command. We could use Postman or something like that as well, but it gets complicated adding the form fields that way.
Just swap out anything in  with the values from above.
curl "https://login.microsoftonline.com/[tenant-id]/oauth2/token" \ -F "redirect_uri=https://localhost/" \ -F "grant_type=client_credentials" \ -F "resource=https://management.azure.com/" \ -F "client_id=[client-id]" \ -F "client_secret=[client-password]" \ -F "code=[code-from-above]"
The result will look similar to the below output.
There is also another option of utilizing Easy Auth, but that is tougher to debug and troubleshoot locally.
References:Twitter Facebook Google+ LinkedIn