Hi @Pat Sinclair
Don't try to put the app ID in the scope
, this token should only be used to call the graph API and not other web APIs.
Also, this is a POST
request instead of a GET
request, don't try to request the URL in the browser, you can send the token request in an API client tool such as Postman.
POST https://login.microsoftonline.com/{tenant id}/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
client_id={client id}
&scope=https://graph.microsoft.com/.default
&client_secret={client secret}
&grant_type=client_credentials
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.