Menu
I am trying to Get access token from Azure AD. For that I have performed below Steps
1) Created an Enterprise application on Azure Active Directory
2) I am able to get the Access token using Authorisation --->> 'Get New Access token'
3) Hit the 'POST' request for https://login.microsoftonline.com/<Application ID>/oauth2/token URL
Have Configured below for POST Body
ClientID is ApplicationID from Application created at 1st step
Code is Also ApplicationID from Application created at 1st step
Not sure if I have configured it correctly
4) Using Same access code when I try to send an Request I am getting below error response
`{
"error": "invalid_grant",
"error_description": "AADSTS9002313: Invalid request. Request is malformed or invalid.\r\nTrace ID: 60b8fb68-40d5-43da-9b7b-36de021c2900\r\nCorrelation ID: 90ed2f2c-1ac8-4044-8742-493a3fce51be\r\nTimestamp: 2019-07-03 12:42:32Z",
"error_codes": [
9002313
],
"timestamp": "2019-07-03 12:42:32Z",
"trace_id": "60b8fb68-40d5-43da-9b7b-36de021c2900",
"correlation_id": "90ed2f2c-1ac8-4044-8742-493a3fce51be"
}
Please let me know where I am wrong or something needs to be changed.
544
https://login.microsoftonline.com/{tenant_id}/discovery/keys?appid={client_id} and verify against the private key generated by Azure AD token. For validation, developers can decode JWTs using jwt.ms and verify against "kid" claim. If it works, you know the contents were signed with the private key.
I got the same issue, and finally figure out that my problem is that the code returned after authorization in the redirect uri is actually something like www.yourredirecturl.com/?code=....§ion_state=....
So copy the whole thing after ?code= simple include the §ion_state and make the code incorrect. Hope this resolve your problem.
186
If I am not wrong you are trying to get get token using OAuth 2.0 code grant flow.
For this code flow there are two steps:
Get authorization code
You paste following code either in browser or post man. In postman do it like below:
https://login.microsoftonline.com/YourTennatId.onmicrosoft.com/oauth2/authorize?client_id=YourClentId&response_type=code&redirect_uri=https://www.getpostman.com/oauth2/callback&response_mode=query&scope=offline_access%20user.read%20mail.read
Once you got the authorization code , copy it for next step.
Use the authorization code to request an access token:
Token Request Endpoint: https://login.microsoftonline.com/YourTenantId/oauth2/token
client_id:YourClientId
scope:https://graph.microsoft.com/User.ReadWrite.All
redirect_uri:https://www.getpostman.com/oauth2/callback
grant_type:authorization_code
client_secret:YourAppsSecret
code:Paste Your Code Here
Post Man Format:
Hope this will resolve your problem.
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
