This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 36%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJF%3C/text%3E%3C/svg%3E)
Hi all
We are trying to implement a new API which use OpenID Connect and OAuth2.0 to grant the API calls.
Wa can successfully make the /authorize and /token calls on Microsoft bur the JWT we get in return has an issuer (sts.windows.net) which is different from the one expected (login.microsoft.com) as described here : https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow
Any idea ?
Yes we have solved it.
May be it's clear for all others users and admin, but to solve it :
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 66%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
Thank you - I've been struggling with this for a very long time. I do not need or use an API scope, but evidently if you don't have one, you always get a V1 token. Add a garbage scope and now I get a V2 token.
I wish I'd found this earlier, but after hours of GitHub Copilot's uselessness, this is what fixed it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @Jean-François RIVES (Admin)
First you need to find the accessTokenAcceptedVersion property in the list of registered applications, and then change its value to 2.
However, this modification will be delayed, please wait patiently.
Then make sure that the endpoint from which you get your credentials and token requests is v2.
Make sure the request has v2.0 after auth2.
Can refer to this link:
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
Hi @Anonymous
Thanks for your help and your reply.
We have already set 2 days ago the accessTokenAcceptedVersion property value to 2 directly in the manifest :
Tha API requests are also made with V2.0 endpoints. Do we need to be more patient as we still received the token in V1 and with "sts.windows.net" as issuer :
Or is there anything else that we have to do ?
Best
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 51%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYP%3C/text%3E%3C/svg%3E)
I have the same issue here even after waiting 48h I still get the error. Have you solve this ?