Generate Bearer Token using Microsoft Graph

Question

I have Web API built in .net framework 4.6. I secure my API using Azure AD. For the purpose of development, I need to generate token so I can use it for testing and debugging. How can I generate token from Microsoft Graph that I can use to authenticate to my API?

I tried this https://login.microsoftonline.com/{tenantId}/oauth2/token endpoint but the token it generates is not valid. I get 401 using the token from that endpoint.

Answer 1

The error "401 unauthorized" usually occurs when you missed giving resource parameter while generating access token.

If that's the case, you will still get the access token but when you are using the token to authenticate to your API, you will get "Invalid token" error.

To resolve the error, please include below parameters while generating access token:

• Make sure to include resource parameter and other required parameters like below:

• I tried in my environment, after including the above parameters, I got the access token successfully like below:

If the above solution does not work, try with different grant_type parameter.

For more information, please refer below links:

401 Unauthorized Error–Azure Active Directory (AD) – Microsoft Azure Articles.. (wordpress.com).

Getting Access Token for Microsoft Graph Using OAuth REST API - DZone Security

Azure registered app error: The user or administrator has not consented to use the application with ID - Stack Overflow