OAuth2 Error AADSTS90132: Device Code is not valid

Daniel Garcia 1 Reputation point
2022-07-16T02:31:34.167+00:00

I'm trying to authenticate the user for my application that utilizes the HotMail API. When using the device code flow to do so, I get the following error after the user approves my application's permissions:

AADSTS90132: The provided value for the input parameter 'device_code' is not valid. Device codes supporting the personal Microsoft Account sign-in audience can only be used for v2 common or consumers tenants.

Has anyone seen this error before? Can't find anything about it online.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,694 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Alfredo Revilla (MSFT) 26,756 Reputation points
    2022-07-16T05:16:27.887+00:00

    Hello @Daniel Garcia , the error is caused by using a tenant specific /devicecode endpoint and trying to authenticate as a personal account. You need to use one that targets the common or consumers pseudo tenant.

    I.e.

    Instead of https://login.microsoftonline.com/<TENANT ID>/oauth2/v2.0/devicecode
    Use https://login.microsoftonline.com/common/oauth2/v2.0/devicecode

    Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so it helps other users with similar questions.

    1 person found this answer helpful.
    0 comments No comments