Hi,
I'm following the steps mentioned in https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#second-case-access-token-request-with-a-certificate and https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-certificate-credentials to perform client certificate validation but I'm getting below error
{
"error": "invalid_client",
"error_description": "AADSTS700027: Key was found, but use of the key to verify the signature failed. [Reason - Key was found, but use of the key to verify the signature failed., Thumbprint of key used by client: 'xxxx', Found key 'Start=06/08/2022 08:43:19, End=06/08/2023 09:03:19', Please visit the Azure Portal, Graph Explorer or directly use MS Graph to see configured keys for app Id 'xxxx'. Review the documentation at https://learn.microsoft.com/en-us/graph/deployments to determine the corresponding service endpoint and https://learn.microsoft.com/en-us/graph/api/application-get?view=graph-rest-1.0&tabs=http to build a query request URL, such as 'https://graph.microsoft.com/beta/applications/xxxx'].\r\nTrace ID: xxxx\r\nCorrelation ID: xxxx\r\nTimestamp: 2022-06-08 17:39:02Z",
"error_codes": [
700027
],
"timestamp": "2022-06-08 17:39:02Z",
"trace_id": "xxxx",
"correlation_id": "xxxx",
"error_uri": "https://login.microsoftonline.com/error?code=700027"
}
CURL of request
curl --location --request POST 'https://login.microsoftonline.com/xxxx/oauth2/v2.0/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'scope=https://graph.microsoft.com/.default' \
--data-urlencode 'client_id=xxxx' \
--data-urlencode 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer' \
--data-urlencode 'client_assertion=xxxx' \
--data-urlencode 'grant_type=client_credentials'
Can someone please help with this?