How does UseWindowsAzureActiveDirectoryBearerAuthentication work in validating the token?

Question

I am following the below GitHub sample for implementing Authentication mechanism across WebApp and WebApi.

https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConn

Answer 1

The [Authorize] decoration in the controller or whichever method we specify triggers the Owin security handler to validate the token and generates the claims.