Access Token Signature Validation

Subramanyam k 246 Reputation points

This is regarding the Token validation

When we are generating access token using the default scopes in Azure (example:Graph API We observe that
the access token signature is invalid(used

But when we generate the access token using custom scopes(example:api/tenantid/customscope). We observe that
the access token signature is valid.

What could be reason, the signature is invalid for the access token generated by default scope ?

Note:Even in our coding we used microsoft public keys, we are facing the same issue. Token generated with graph api scopes are marked as

Please provide your comments.


Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,649 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. VipulSparsh-MSFT 16,011 Reputation points

    @Subramanyam k That is expected. You should try to validate the access token which is dedicated to your own resource (Application).
    The access token for Microsoft graph is encoded for Graph only and any other party will not be able to verify that.

    Read more in detail here.


    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

    0 comments No comments