Is there a way to programmatically set, via API, the manifest property "accessTokenAcceptedVersion" to 2? This is required due to the issue explained here - our code is expecting the new STS, and fails with:
WWW-Authenticate: Bearer error="invalid_token", error_description="The audience is invalid"
due to it being the old STS: "iss": "https://sts.windows.net/.../". Similarly, I am looking to set the "signInAudience" property as well so that we can have our apps show up in B2C:
{
...
"accessTokenAcceptedVersion": 2,
...
"signInAudience": "AzureADandPersonalMicrosoftAccount",
...
}
Not seeing anything in PowerShell, CLI or API (see also).
If I capture the portal network traffic I can see the PATCH to graph.windows.net/myorganization/applications/{GUID}?api-version=2.0 where it sets the JSON properties:
"accessTokenAcceptedVersion":2,
and
"signInAudience":"AzureADandPersonalMicrosoftAccount",
But it also sets another property - and this appears to be an undocumented way of doing things?
"[email protected]":"application/json;odata=minimalmetadata"
and the signInAudience change sets:
"supportsConvergence":true,
Check out the beta Graph APIs:
Please note that this is still only available under the beta API of the Microsoft Graph.
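By using the below code snippet, I was able to set both accessTokenAcceptedVersion and signInAudience as desired.
import com.microsoft.graph.models.ApiApplication;
import com.microsoft.graph.models.Application;

// requestedAccessTokenVersion is the Graph name for the manifest's accessTokenAcceptedVersion
ApiApplication api = new ApiApplication();
api.requestedAccessTokenVersion = 2;
Application application = new Application();
application.displayName = oAuthClientVO.getClientName(); // oAuthClientVO is the poster's own object
application.signInAudience = "AzureADandPersonalMicrosoftAccount";
application.api = api;
For this, I used the below libraries.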
<dependency>
    <groupId>com.microsoft.graph</groupId>
    <artifactId>microsoft-graph</artifactId>
    <version>[5.4.0,)</version>
</dependency>
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-identity</artifactId>
    <version>[1.3.6,)</version>
</dependency>
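An added example, not taken from the question, the answers or Microsoft's code: a small offline check that tells a v1 token (the `sts.windows.net` issuer from the question) from a v2 token, and builds the Graph application body using the property names from the answer above. The function names, the placeholder tenant and the sample tokens are constructed for illustration; nothing is sent to Graph.

```python
import base64
import json
import re

# v1 issuer form is the one quoted in the question; the v2 form is the
# Microsoft identity platform v2.0 issuer.
V1_ISS = re.compile(r"^https://sts\.windows\.net/[^/]+/$")
V2_ISS = re.compile(r"^https://login\.microsoftonline\.com/[^/]+/v2\.0$")
# Per the Graph apiApplication documentation these audiences require version 2.
PERSONAL_AUDIENCES = {"AzureADandPersonalMicrosoftAccount", "PersonalMicrosoftAccount"}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unverified_claims(jwt: str) -> dict:
    """Decode the payload only. No signature check: diagnosis, never authorization."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def token_version(claims: dict) -> int:
    """Return 1 or 2 when the 'ver' and 'iss' claims agree, otherwise raise."""
    ver, iss = claims.get("ver"), claims.get("iss", "")
    if ver == "1.0" and V1_ISS.match(iss):
        return 1
    if ver == "2.0" and V2_ISS.match(iss):
        return 2
    raise ValueError(f"inconsistent token: ver={ver!r} iss={iss!r}")

def application_patch(sign_in_audience: str, version: int) -> dict:
    """Body for a Microsoft Graph PATCH on the application object (not sent here)."""
    if sign_in_audience in PERSONAL_AUDIENCES and version != 2:
        raise ValueError("personal-account audiences require token version 2")
    return {"signInAudience": sign_in_audience,
            "api": {"requestedAccessTokenVersion": version}}

# Constructed, unsigned sample tokens with a placeholder tenant, for offline use.
TENANT = "00000000-0000-0000-0000-000000000000"

def sample_token(claims: dict) -> str:
    return ".".join([b64url(b'{"typ":"JWT"}'), b64url(json.dumps(claims).encode()), "sig"])

OLD = sample_token({"ver": "1.0", "iss": f"https://sts.windows.net/{TENANT}/"})
NEW = sample_token({"ver": "2.0", "iss": f"https://login.microsoftonline.com/{TENANT}/v2.0"})

if __name__ == "__main__":
    print(token_version(unverified_claims(OLD)), token_version(unverified_claims(NEW)))
```

If the API validates v2 issuers and `token_version` returns 1 for the token it receives, the app registration is still issuing v1 tokens and the version property has not taken effect.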