Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The format of the request is defined in [RFC6749] sections 4.1.3 (Access Token Request) and 6 (Refreshing an Access Token), and in [RFC8628] section 3.4 (Device Access Token Request).
In addition to the POST body parameters described in [RFC6749] section 4.1.3 and [RFC8628] section 3.4, the OAuth 2.0 client can choose to send the following additional parameters:
requested_token_use: OPTIONAL. See sections 2.2.3 and 2.2.3.1.
assertion: OPTIONAL. See sections 2.2.3 and 2.2.3.2.
resource: OPTIONAL. See sections 2.2.3 and 2.2.3.3.1.
use_windows_client_authentication: OPTIONAL. See sections 2.2.3 and 2.2.3.4.
csr: OPTIONAL. See sections 2.2.3 and 2.2.3.5.
csr_type: OPTIONAL. See sections 2.2.3 and 2.2.3.6.
tbidv2: OPTIONAL. See [RFC8471].
Note: If the request is an OAuth device flow request [RFC8628], the AD FS server accepts the following alternatives for the parameters defined in [RFC8628] section 3.4:
The grant_type parameter can be set to "device_code".
The AD FS server will accept the presence of either the device_code parameter or the code parameter (or both). The code parameter has the same semantic meaning as device_code. If both parameters are present, the values MUST be the same.