Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 72%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Have you fixed the error? I have the same one.
Microsoft Graph API userInfo endpoint UnknownEror: Token must contain sub claim
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 2%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Test
21
Reputation points
I'm trying to execute the userinfo endpoint at https://graph.microsoft.com/oidc/userinfo using an access token received through Open ID Connect.
The response received is:
400 Bad Request
{
"error": {
"code": "UnknownError",
"message": "Token must contain sub claim.",
"innerError": {
"date": "2021-02-22T03:57:51",
"request-id": "533a4343-85ab-45cb-9422-d7ec75677376",
"client-request-id": "533a4343-85ab-45cb-9422-d7ec75677376"
}
}
}
The access token does appear to contain the sub claim, it was visible in https://jwt.io.
If I login to https://developer.microsoft.com/en-us/graph/graph-explorer and try there it works and I notice the sub claim for the access token is different - for the same user.
Can you please help discern what could be the issue?
Microsoft Security | Microsoft Graph