This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 1%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUG%3C/text%3E%3C/svg%3E)
Hi. I've been struggling for hours with this so my last resort is asking for some help.
We need to ensure that the old tokens issued in our system are still valid once we migrate to Graph. Tokens are successfully refreshed using the refres_token issued by the REST API, but when I try to use the issued token to make a call I'm getting the following error:
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "CompactToken parsing failed with error code: 8004920A",
"innerError": {
"date": "2022-09-15T22:19:58",
"request-id": "fceadbcd-d55a-4bee-b2a9-fca6828053b0",
"client-request-id": "fceadbcd-d55a-4bee-b2a9-fca6828053b0"
}
}
}
Can you help me get an idea of what I'm doing wrong?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 84%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Sounds like you maybe mixing V1 and V2 tokens see https://learn.microsoft.com/en-gb/azure/active-directory/develop/access-tokens#sample-tokens you can check you token version by using jwt.io. The accessTokenAcceptedVersion in the manifest controls what type of tokens you app can accept.
Thanks for your response, Glen.
I'm not an expert, but if that was the case then the refresh token issued by REST shouldn't work to generate a fresh one using Graph, don't you think?
Anyway, I tried to decode both tokens and I was not succesful in any case.
What's would you recommend?
Token issued by REST:
EwBIA+l3BAAUnQP8Jfa2FYxR0AX7HsEZwOdWa28AAYGrCkzqhntygx/zRfL253VlR6f4eZ8TNiciuEBPsarilvyWuWhWQoGzl/UGje+g6eYXOszjSlExV83yuNM4IokJ/VR4fLsVuQ7F8OwqkcpV/LUUmSu7B3OOyW+6ceqEr+yg8OgGwvhmNiMl/ZMT8MhI6vDFwf+xUPDdfxRM9o6eU+fjrIBYwg5fNHbBYNJj/9+WrFpdJO0lfNu2dZFNkbxUyrtajU3yr5eOolY16No9pjgE1wg58+wPCJPlTNSTneP9oe2yI+0uSDSZ5Gf48jRvyzeHAlvVoIH3s1zOOv6GWGvlBQPB/ymMam31Q4GAhE5DOuYX+dmkSTjBWl0EjhQDZgAACDbG12n/iiSxGAJxxgZsljY9hTBl8qYy/orBk8z0je3SNziX6FA9/okn0o1yqCG5iZa205f1cxp2MvdJAbV0XwQOnw9ESntrt8ozoODd4En55h3ERQRSmlrctE2aOXedj334gmUO7+Q0Gvvl/8IIROHbbxOBagNBtADNRgDAxJ1MZI3Yr6Zeo3x3PCAHq/SG+nfs1ckmhC5KB20t9Cth3ZQXDopHzqOggd4bbG0x8wju3DZFeBQ2N2p3LmnMjoR+4bH1y3LFJu/8SmSlNCTKxIq5zyufBA5DbyNNtSuZm8kKYgxBKaVlzE9waWHRoWChYC36g0z8oV+toquh/r174CCszynLtJB40vsNkflWBU15aJPUSW/ahcdDUIHFcCp0YzSjBUKZblfJp6lFW1SHzdrljEadbYgXWjtl5Jp9hEF6GEvXIuweIDbByB7+fpgUP1OsWkXeST0jseDCjz9Ks3xQYekWblkQtQaeOlyfxJAGR85MG6umnY93zDm6xkUpNEVJkiQZANJqUf9eKh0mJhsV2PpeNhFTGHdtQfQsCcOldvht/n08LDYjMb92uyeALNJm3SmF855G/BLVII8dQQoFzMvJP2IBPaw4KNNkvuzTvNShqDuPCd4akjZGVWHc04GSrOpG1evmiV3LMt+G/rSuxo0Znl8CbZ9kVkh2cSTpg9zAIpXl3Z4+lb3RCuUIYxFCUfmmXo1G1uaOHv/dXYSP00gC
Token issued by Graph:
EwCAA8l6BAAUkj1NuJYtTVha+Mogk+HEiPbQo04AATRcwlxAn5+ebfbfyLFaZognOcFaFb+EDpf0AkXVwiCwrOgYop71pDulj6bwXkd23AkdnFDiXWjlRr7kvBRjNcL2DwZHQUd6vc66TMHx2z4Rmmx4hFTk7eT759dbA5usME8HkVKgvA8Ydlh1QwepOWeYynP6jGaNMl1fR+2NwviU8MkT7wqakWKaXc9fUpjfs7GbdT7aG/jWI2EPYEFV+dToBtn5sdRHM6Er6ZAhscMAcAAZpQ8ozvm6v1b2/rbll6jkk5nSAKEOlLdu9CeKPVBVy4xnI/S6FKMPcbZrYS5h4JgpnLw95zMHnlOjaowGIuLiY9QxlYxa853+dUD5JwADZgAACHJ0gF1tTu/UUALCZUBicMvEK0LZiiKu/BHG+pQHsMsDgxOD5bITi9UGpbtfJlVwiApiR5i/lK9crpOF29TJeB5MkWuWGT1HJhTEPIx0DdhNdlh7uf4kbKsiC1WhoWx78aokgronFbC6KvvGWPNmANsf31pdwbLuoAyoKt+uKoJiDAU136iz+2DDafzpQB5Fx5f8L9upOHSm00FYOpYsNSNq3xLw6zn5XEXT3X2SfocRXIHC2354GQjx/fIOvX1pQwi0W7hsncGXkB/newEmRWGpdDoYuInkOeK32cM1sEWw+/LFjJR5q+q05LdXyA49I4Sl9h5rMF7hVZqZSyKNKtPk8qpCyodAibpGh9SdYnhO3j2KzseBQyUaxdlCYA1ILSC1sQubYWCOzxFHaf6ZPeFzJ5ksi/skOOxOZ/42ALI7zzjiV8cMIi3rjyoMxNtSXCdUOcfP1h6/D9/aVrqwwW3digmtEVnL40vnpKW/u/M0xoCr4R+AyJKN2jGXidLb/KClaOhU+kAPkUbcTBrsNAoVc0nvax1KC6gS8XqmpAUSJepYQRTXGEtEDiKJKo5rZzuZQqde14GKZiJrCceD60JbQ9TfSYkL1ftVdCJLUvJKmzch7W1Newz7DXivrfqVyH7s44MJbqnt38UZB0kUjJMz2NWRUOk35sqc42A1s/5qF96EXn1ZIlZKZYx4zueyk5bVfJbLC4rKr0XKJHpNpnmhHqmL4U5NQiAxGQr7BTd9hy2UBguOAzyk/WlOxrqhxqiLLES1SNIFbjH1Yw29/YmaXGsSfk15+hwQjQI=
What does the code your using to get the token look like? They don't look like valid Access tokens and they aren't something that will be interchangeable for a Graph Token
I'm sorry. It seems that the ones I should decode are the id_token and I was bringing access_token. Now I was able to decode both, but now I go back to the beginning, cause they both are 2.0
I will keep digging to see what else I can find