I am unable to get access token from the microsoft active directory graph api.

ahmad nawaz 21 Reputation points
2021-07-06T10:25:30.887+00:00

Here is my postman screenshot.

112118-postman.png

In response, I am getting a sign-in form. I saved the response in HTML file and it opens like this.

112069-screenshot-from-2021-07-06-15-00-14.png

My requirements are simple.

I need to call https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize to get the code that is necessary for getting the token.

Then I want to call {tenant}/oauth2/v2.0/token to get the access token

Then I want to call /oidc/userinfo to get the users of AD.

Is anything I am doing wrong?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,125 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,189 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 98,676 Reputation points MVP
    2021-07-06T13:26:22.397+00:00

    Perhaps your expectations are wrong, using the authorize endpoint will require you to enter credentials as detailed in the documentation, before returning an auth code or token: https://learn.microsoft.com/en-us/graph/auth-v2-user#2-get-authorization
    As noted in the article, if using SSO you might be able to get the token directly, but that will not always work.
    If you want to complete the flow by providing credentials directly, use the ROPC flow: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
    Or client credentials: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#get-a-token


0 additional answers

Sort by: Most helpful