You need to include the "openid" scope in the token request in order to obtain an ID token.
How do i get an Identity Token from Azure Active Directory
I am doing sign in for my application using Active Directory. I can get an access token for the application, however the access token is a Graph API access token which you can't validate and verify on own. Everything I am reading online says that the access token is nonce and requires special processing and doesn't need validating; calling a graph api call will have it go through validation and it's verified on call. It says I should be using and identity token to verify the user, but how do i get the identity token? It says in the documentation that it comes back with the accesss token, but I'm not seeing this in the request response. I'm using msal and doing result = app.acquire_token_by_username_password({username}, {password}, scopes=["User.ReadBasic.All"]). I get back the access token but I dont see any id token. I see alot documents saying to use the id token to verify the user however nothing that says how to get the id token.
Thanks In Advance,
Paul