grant_type is always missing

Hugo Bohácsek 1 Reputation point
2021-04-11T18:55:03.95+00:00

Trying to get a oauth2/v2.0/token, always results in
"AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: 1d67dcb5-c8dc-4e21-9c39-52e24d7d3d00\r\nCorrelation ID: 0255a97e-3349-4566-8bc8-5ed99e9f8d66\r\nTimestamp: 2021-04-11 18:44:06Z",
, but my request has grant_type=authorization_code.

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
5,469 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Zawojski, Kacper (Nokia - PL/Wroclaw) 11 Reputation points
    2022-06-22T12:42:01.057+00:00

    Same issue. My curl: 

    curl -X POST \  
  'https://login.microsoftonline.com/<TenantID>/oauth2/v2.0/token' \  
  --header 'Accept: */*' \  
  --header 'Content-Type: application/x-www-form-urlencoded' \  
  --header 'Content-Length: 0' \  
  --data-urlencode 'client_id=<ClientID>' \  
  --data-urlencode 'redirect_uri=<MyRedirectURi>' \  
  --data-urlencode 'grant_type=authorization_code' \  
  --data-urlencode 'client_secret=<MyClientSecret>' \  
  --data-urlencode 'code=<MyCode>'

    Is taken from : https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
    All values inside <> are get from Azure and I'm 100% sure that are correct. <MyCode> is taken from request for code.

    Curl is exec on Apache Server. And res is: 

    {  
  "error": "invalid_request",  
  "error_description": "AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: e14bd767-2062-4175-8e89-839c9bc81900\r\nCorrelation ID: ee07635e-bd30-4049-b0b9-75cabcf8103e\r\nTimestamp: 2022-06-22 12:36:07Z",  
  "error_codes": [  
    900144  
  ],  
  "timestamp": "2022-06-22 12:36:07Z",  
  "trace_id": "e14bd767-2062-4175-8e89-839c9bc81900",  
  "correlation_id": "ee07635e-bd30-4049-b0b9-75cabcf8103e",  
  "error_uri": "https://login.microsoftonline.com/error?code=900144"  
}
    2 people found this answer helpful.
    0 comments
  2. Pakki, Saicharith (Contractor) 6 Reputation points
    2022-01-13T10:55:44.5+00:00

    Even though we are sending the grant_type it is throwing the error.

    1 person found this answer helpful.
    0 comments
  3. Avinandan Patra 6 Reputation points
    2022-09-21T16:32:40.037+00:00

    Try form data instead of x-www-form-urlencoded format. it should work.
    Surprisingly microsoft postman collection shared in the below link also has this wrong.

    link : https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

    • Sample Code curl --location --request POST
      'https://login.microsoftonline.com/<TenantID>/oauth2/v2.0/token' \
      --form 'client_id=<ClientID>' \
      --form 'scope="https://graph.microsoft.com/mail.read"' \
      --form 'redirect_uri=<MyRedirectURi>' \
      --form 'grant_type=authorization_code' \
      --form 'client_secret=<MyClientSecret>' \
      --form 'code=<MyCode>'
    1 person found this answer helpful.
    0 comments
  4. Bhawani Singh Bhati 1 Reputation point
    2021-11-24T03:03:16.55+00:00

    Send the grant_type parameter in body. Seems you are sending grant_type in header.

    0 comments