What is wrong with this Microsoft Bot Framework Token Request?

Question

Update 5/30/2017

I was able to get the token using cURL, but still no luck with Postman. Here's the curl command:

curl -X POST -H "Cache-Control: no-cache" -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=<your_id>&client_secret=<your_secret>&grant_type=client_credentials&scope=https%3A%2F%2Fapi.botframework.com%2F.default' 'https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token'

Original Question

As per the instructions on Microsoft's official docs for developing a bot with REST, I am sending a request in Postman to get an oauth token to use to work with their bot REST API.

Here's my setup in Postman (which is using Interceptor so I can specify Host):

Headers

Body

And, here's the response:

{
"error": "invalid_scope",
"error_description": "AADSTS70011: The provided value for the input parameter 'scope' 
is not valid. The scope https%3A%2F%2Fapi.botframework.com%2F.default is not valid.
\r\nTrace ID: 8b09d0ba-3ec0-4f15-9280-7527d46c1600\r\nCorrelation ID: 43b0fa8f-5b73-444c-
a1e4-9f3dd82c0d86\r\nTimestamp: 2017-05-30 22:17:05Z",
"error_codes": [70011],
"timestamp": "2017-05-30 22:17:05Z",
"trace_id": "8b09d0ba-3ec0-4f15-9280-7527d46c1600",
"correlation_id": "43b0fa8f-5b73-444c-a1e4-9f3dd82c0d86"
}

Does anyone have an idea what the problem is? I followed the instructions and I'm sure the client ID and secret ID are correct. Thanks in advance for any help!

Answer 1

I think that Postman and cURL are not treating the parameters on the same way. I tested with your parameters and got the same result, but I then got it working with Postman simply by avoiding the encoding of the URL in scope value: https://api.botframework.com/.default instead of https%3A%2F%2Fapi.botframework.com%2F.default.

See capture below:

And no need to specify the Host in the Header section.