Tokens for SPA

testuser7 286 Reputation points
2023-06-19T19:43:48.0066667+00:00

Hello,

Have you ever managed to exchange a refresh token for a new access token and refresh token for an AAD-registered single-page app (SPA) using Postman or any other tool?

I got my first access token and refresh token by exchanging the temp code. However, every subsequent exchange of the refresh token is failing.

I am running into a CORS issue and am not able to break it.

AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests

Thanks.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

3 answers

  1. James Hamil 27,221 Reputation points Microsoft Employee Moderator
    2023-06-20T20:00:25.6433333+00:00

    Hi @testuser7 , yeah, CORS will give you this issue. My favorite solution for testing/dev right now is the Allow CORS browser extension. Try it out and let me know if it helps.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James


  2. testuser7 286 Reputation points
    2023-06-21T00:57:30.9166667+00:00

    Thanks @James Hamil. So what are you proposing? There is no browser involved. I already have the first refresh token. Now I want to use it to get the next refresh token. This is a programmatic call. Usually we easily do it in Postman. But since this is a SPA, Postman is giving me a hard time.

    POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token

    client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
    &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
    &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
    &grant_type=refresh_token

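The error quoted in the question says SPA tokens may only be redeemed via cross-origin requests. As an added example (not code from the thread or from Microsoft), the following builds the refresh-token POST shown above with an `Origin` header, on the assumption that the token endpoint treats a request carrying the origin of a redirect URI registered under the app's SPA platform as cross-origin; the function name, `spa_origin` and the sample values are hypothetical.

```python
import urllib.parse
import urllib.request

TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"


def build_spa_refresh_request(tenant, client_id, refresh_token, scope, spa_origin):
    """Build (not send) a grant_type=refresh_token request for a SPA client.

    spa_origin is an assumption of this example: the scheme://host[:port] of a
    redirect URI registered under the app's "Single-page application" platform.
    """
    parsed = urllib.parse.urlsplit(spa_origin)
    if parsed.scheme not in ("http", "https") or not parsed.netloc:
        raise ValueError("spa_origin must look like https://host[:port]")
    if parsed.path not in ("", "/") or parsed.query or parsed.fragment:
        raise ValueError("an Origin is scheme://host[:port] only, no path or query")

    # urlencode percent-encodes every value, so no stray spaces end up around '&'.
    # No client_secret is sent: a SPA is a public client.
    body = urllib.parse.urlencode({
        "client_id": client_id,
        "scope": scope,
        "refresh_token": refresh_token,
        "grant_type": "refresh_token",
    }).encode("ascii")

    return urllib.request.Request(
        TOKEN_URL.format(tenant=urllib.parse.quote(tenant, safe="")),
        data=body,
        method="POST",
        headers={
            "Content-Type": "application/x-www-form-urlencoded",
            # Browsers attach Origin to cross-origin calls; Postman and scripts
            # send none unless it is added by hand.
            "Origin": f"{parsed.scheme}://{parsed.netloc}",
        },
    )


if __name__ == "__main__":
    # Constructed sample values, not real identifiers or tokens.
    req = build_spa_refresh_request(
        "contoso.example", "00000000-0000-0000-0000-000000000000",
        "<refresh-token>", "https://graph.microsoft.com/mail.read",
        "http://localhost:3000",
    )
    print(req.get_method(), req.full_url)
    print(dict(req.header_items()))
```

In Postman the equivalent is adding an `Origin` header by hand to the same form-encoded request.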

  3. Ganapathy, Suresh 20 Reputation points
    2023-11-28T09:54:01.47+00:00

    Will anyone from MSFT answer this query? Or is this the wrong place for such queries?
