Azure OnBehalfOfCredential : Java GraphClient failed to create the credential to access Sharepoint through OBO

TobiasKolb-0263 1 Reputation point

I get the following error message when I try to create an OBO credential:

"Azure Identity => ERROR in getToken() call for scopes [Sites.Read.All]: AADSTS50013: Assertion failed signature validation. [Reason - Key was found, but use of the key to verify the signature failed."

The Azure app is configured with the following permissions:

  • openid (Delegated)
  • Sites.Read.All (Delegated)
  • User.Read (Delegated)

Scenario :

User sign-in to the Azure app

Store the access_token as a string

Passing the access_token to the OnBehalfOfCredential method

Logging into the Azure app and getting the access_token & id_token works, just not creating the OBO credential.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,836 questions
0 comments No comments
{count} votes