Hi, I'm developing an API at my company in South Korea.
But I faced an error when requesting an access token.
POST https://login.microsoftonline.com/{tenant_of_destination}/oauth2/v2.0/token
Error contents
{
  "error": "invalid_grant",
  "error_description": "AADSTS500021: Access to '****' tenant is denied.\r\nTrace ID: ****-97f7-d1044baeec00\r\nCorrelation ID: ****-9523-944761fc978c\r\nTimestamp: 2023-10-12 06:47:36Z",
  "error_codes": [
    500021
  ],
  "timestamp": "2023-10-12 06:47:36Z",
  "trace_id": "9513768e-ff17-44ba-97f7-d1044baeec00",
  "correlation_id": "67d477d0-d570-4983-9523-944761fc978c",
  "error_uri": "https://login.microsoftonline.com/error?code=500021"
}
Situation
- We're using an intranet (our firewall policies block some domains and IPs). We may also have a proxy server.
- We can get an access token when requesting on a public network with the same parameters. (So, tenant restriction doesn't matter.)
- It's a client_credentials grant, and the client_secret, client_id, and scope parameters are right.
Are there any domains we should open when we request an access token?
And please give me some possible causes of this problem.
Thank you!