App Registration Token issue

pankaj.t 21 Reputation points
2022-07-11T12:33:16.697+00:00

Not able to generate to token using Postman.

Request Id: b19c0111-b187-4658-8f78-55230f9ba400
Correlation Id: a252b738-8a42-4bd8-b6e2-645d7db86881
Timestamp: 2022-07-11T12:21:24Z
Message: AADSTS500011: The resource principal named api://812daa0e-0d7e-4551-abfa-XXXXXXXXXXXXXX/Files.Read was not found in the tenant named Default Directory. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,166 questions
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,751 Reputation points
    2022-07-13T12:15:28.62+00:00

    Hi @pankaj.t • Thank you for providing all the required details to understand the issue.

    I am sharing the cause of the issue and the steps that we performed to resolve the issue.

    Cause:

    API permission added to the frontend application was added as delegated permission and the authentication flow used to get the token was Client_Credentials. When Client_Credentials flow is used, the token is acquired under the application context, which is why delegated permissions don't work and permissions need to be added as delegated permissions.

    Resolution:

    1. Navigate to Azure AD > App Registration > Your_backend_api > App Roles > Add new role named Files.Read.
    2. Navigate to Azure AD > App Registration > Your_frontend_app > API Permissions > Add a permission > My APIs > Select your_backend_api > Application Permissions > select the checkbox for Files.read permission > Add permission.
    3. Once the permission is added click on Grant Admin Consent.
    4. Request an access token with <your_app_id_uri>/.default scope rather than <your_app_id_uri>/files.read.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Rijwan Ansari 751 Reputation points MVP
    2022-07-11T13:55:13.91+00:00

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.