login for EWS failed

stormleng 0 Reputation points
2023-05-08T09:46:35.2033333+00:00
Error Acquiring Token:
MSAL.NetCore.4.50.0.0.MsalServiceException: 
	ErrorCode: invalid_scope
Microsoft.Identity.Client.MsalServiceException: AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope 'https://outlook.office.com/EWS.AccessAsUser.All offline_access openid profile' is not configured for this tenant.
Trace ID: 09c9488e-0a1a-4a52-9e1c-894aef88bc01
Correlation ID: bbebb9ce-b163-46ce-bfcb-74edf0d30e62
Timestamp: 2023-05-08 09:40:26Z

what the problem? should i config for everyone?
Microsoft Exchange Online
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,060 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Vasil Michev 98,111 Reputation points MVP
    2023-05-08T15:46:13.2366667+00:00

    Judging by the error message, likely the tenant you're using does not have a valid Exchange Online subscription. Make sure this isn't indeed the case. If you are just trying things in a demo tenant, sign up for a free O365/M365 trial to get Exchange enabled in the tenant.

    Otherwise, share the actual code you're using to obtain the token.


  2. Marco Ancona 6 Reputation points
    2023-09-27T18:14:33.72+00:00

    Som facts regarding this:

    • Anyone can access personal Outlook calendars using EWS + Basic auth (with an app-specific password). This works out of the box.
    • Apple can access personal Outlook calendars using EWS + OAuth. This is easy to see with a tool like Proxyman on a Mac. Tried to do the same but always get AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope 'offline_access openid https://outlook.office.com/EWS.AccessAsUser.All' is not configured for this tenant.

    Looks like Apple clientId might have a special deal to access personal Outlook accounts with EWS + OAuth. @Vasil Michev any idea?

    0 comments No comments