This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 56.00000000000001%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEB%3C/text%3E%3C/svg%3E)
Hi,
I'm trying to get access to MS Graph API from my application to users of another Microsoft account to avoid to request to our customers they have to create the application themself
I'm able to get an authorization code from the user consentment with this request:
I'm able to read users from this another account, but only 1 time, if I try to get users twice, I get this error message:
OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.
and if I try to get a token from https://login.microsoftonline.com/<tenantId>/oauth2/v2.0/token I get this error message:
Provided Authorization Code is intended to use against other tenant, thus rejected.
I only know my own clientId, tenantId and secret, I don't know what is the customer tenantId
How to solve my issue? thanks
https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow
An API that connects multiple Microsoft services, enabling data access and automation across platforms
found, I'm able to obtain the accessToken with "common" instead of my tenantId https://login.microsoftonline.com/common/oauth2/v2.0/token
Hi @Eric Blanquer
The maximum lifetime of the authorization code is 10 minutes. But in reality, most services set the expiration time to be shorter, around 30-60 seconds. This is to ensure that the authorization code is a one-time use to avoid misuse.
Therefore, you can only redeem an access token once using an authorization code, after which it will expire immediately. If you are trying to apply your multi-tenant application to other tenants, then I recommend that you use refresh tokens to renew new access tokens to avoid frequent login authentication.
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
Hi ,
thank you for your answer,
but when I call the https://login.microsoftonline.com/<tenantId>/oauth2/v2.0/token I get this error message:
Provided Authorization Code is intended to use against other tenant, thus rejected.