Hi @Gabriel Pillay ,
Thanks for reaching out.
I understand you are looking to retrieve the access token.
There is nothing line First, let me clear the difference between Id Token and Access Token.
ID token - A JWT that contains claims that you can use to identify users in your application.
Access token - A JWT that contains claims that you can use to identify the granted permissions to your APIs. Access tokens are signed by Azure Active Directory. An access token contains claims that you can use in Azure Active Directory to identify the granted permissions to your APIs.
As you are looking for token with scopes, that should be access token. Access token can be retrieved using different OAuth flows based on the application type and scenarios.
Authorization code flow is used generally for those applications which require user interaction whereas ROPC flow is used to retrieve access token where user's credentials need to pass along to acquire the token.
ROPC flow is still supported but Microsoft does not recommend using ROPC flow as it is less secure than any other flows as it carries the risks to have credentials. Also, ROPC does not support MFA and SSO.
Microsoft provide different authentication libraries to retrieved security tokens and call protected web APIs in your apps.
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows
MSAL first try to acquire token silently by using acquireTokenSilent method to check the cache, if no credentials are stored in cache, then MSAL will acquire the token interactively.
publicClientApplication
.acquireTokenSilent(accessTokenRequest)
.then(function (accessTokenResponse) {
let accessToken = accessTokenResponse.accessToken;
callApi(accessToken);
})
.catch(function (error) {
//Acquire token silent failure, and send an interactive request
if (error instanceof InteractionRequiredAuthError) {
publicClientApplication
.acquireTokenPopup(accessTokenRequest)
.then(function (accessTokenResponse) {
// Acquire token interactive success
let accessToken = accessTokenResponse.accessToken;
// Call your API with token
callApi(accessToken);
})
Hope this will help. If you have any related questions, please let us know to help you further.
Thanks,
Shweta
-------------------------------
Please remember to "Accept Answer" if answer helped you.