Encountered error message when requesting token, may I ask why?

56gng 20 Reputation points
2024-11-13T17:01:10.09+00:00

curl --location 'https://login.microsoftonline.com/common/oauth2/v2.0/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=08a4cb27-28c7-4985-a4b9-ff1dee27a655' \
--data-urlencode 'scope=offline_access%20User.Read' \
--data-urlencode 'code=1.AcYAUDbkq9bv9k2NWNgQbgn0YSfLpAjHKIVJpLn_He4nplXGAADGAA.AgABBAIAAADW6jl31mB3T7ugrWTT8pFeAwDs_wUA9P-Xb1SX_ECO5boGELGHwvubvq6zN9ekjntS60yr3yNN0ukT65OZCYR-qAKKvHxkNYvqLf3TWO3ZpHArr4LNwzOve5IThd5qH-2HtUCWH4jXcZLrz0muLy45iicWk7eZUqWRVElpX3n-P8Av_zrSoK96WzRlG3s_MrJ1AooLd1KkT0de8-c_3CQV18ahxQA2bywEd-ft3Q_81Y7vUs16TppYFDgrTh1aNiACbKgO7Q_LJyi2yCMGbrT7ZX53zFNB4ENTjV7uUcLn7NUPMN_iBpbd8L6P9eKv9SfpvPqmYiXxSWvcXsad96X90w80CpHwuqX0VrmohSsU7VutxBXUf0kWSniVwuhDeNjMVDP1gGtknBCppdMS0qu8J5vUkDigb05wNe6XOmaYL8rFuNkFDwTv46BtVibRyHmHN-GOak3yeI5ryjBeezW423Zvz70Aa2nCabX61MTCMIke_CNXW58u-44i0LlrA8569xOHQAPIEJGXxZgOeq47g1eLfO9CjlViYBVjkXoUoOk2uXvLscxEsq4OpV1f2JY1PwDmI8fO1nkEzXaZJK1oTG1heEXu8XXX6hLJOZT6w_blhREBWGep9iopn973kVfgTq1hPnaLvBO3SDky3jnNpIOqH_maVakvnqegosCuQGWo0uv3DU5F9NKoslA34o1x6c1iGQxK-SvqCc__LkVyBb8jeoW9wnL8ifgqkoRlxZGIshptB23ibhlewEndNgBoBk0JBZdkkpv9oC9EVLaopy-xvMW1nSVH11WTrUBWpF1y8e3oDoYAiH2sxKs64mstjIxXaf6mB7P9K1zQWGP_oh98xiCdun4o2Y7r2eFuFdAoX9prLAE-m7ZSscNKjNV7U40CY0O3Au2Ki9C7Wy_8dSRFqMyRHrtY9r_SZxkSd7l_xJ-_iErFsH8m3AvczDOYgYJPWSfbwowdZyuDHx07mYy1Y4Pe8JPTzS27E6PizA3UHtZzV46dIVfULrvFfEiLVPYb_xgbLv1GKPAIQrAjlRNcq0FBfSQPMZv2_lXMDO1WIKUsTxNMIKLk4FXm4UMp1Dw89-GxctuxZY55Z3A2ZcU7dz6L1ePB5RSqFfPEbm5cEDT3wXgwXfYFbKfP2M-QczVLsj6d_RgcwmNqoPNSHjndzh0NEk8gnH3_4Jtd39J9i7Z6HNEti6bwJyCAuisG' \
--data-urlencode 'redirect_uri=http://localhost' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_secret=uYD8Q~auqjTtLsvxEN*****************'

error_description": "AADSTS500202: User account '{EUII Hidden}' is a personal Microsoft account, but the client or resource applications do not have direct Microsoft account support enabled. For external account support use the /organizations or the tenanted endpoint. Trace ID: 53e4e252-9b60-4d76-841c-4fce61547102 Correlation ID: bfe6251b-10dd-4782-b4cd-4b21c5c849dc Timestamp: 2024-11-13 16:55:45Z", enter image description here

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,458 questions
0 comments No comments
{count} votes

Accepted answer
  1. Yakun Huang-MSFT 7,120 Reputation points Microsoft Vendor
    2024-11-14T08:58:18.4033333+00:00

    Hello 56gng,

    Thank you for reaching out to Microsoft Support!

    Try changing the value of scope to look like this, that is, %20 to a space

    scope=offline_access User.Read
    

    Reference document:

    https://learn.microsoft.com/en-us/graph/auth-v2-user?tabs=http

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.


1 additional answer

Sort by: Most helpful
  1. 56gng 20 Reputation points
    2024-11-14T15:35:41.8566667+00:00

    Sorry, I found the reason myself. It's because of my own mistake: I didn't change 'code' {tenant} to 'common'

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.