Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are looking to integrate you classic ASP application with Microsoft Entra ID for authentication.
Please do correct me if this is not the case by responding in the comments section.
Instead of fetching the token via Authorize endpoint manually, I would recommend the following secure way where the token is issued by Entra ID and consumed by Azure App services (Microsoft Azure services).
- Migrate your classic ASP applications to Azure App Services
- Create a new app registration automatically or Use an existing registration created separately
- Enable Microsoft Entra ID in your App Service app
- Configure client apps to access your App Service
Once done you application would be hosted securely in Microsoft Azure and would be authenticated without your token being exposed to on-prem infra.
Thanks
Akshay Kaushik
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.