Azure AD token endpoint doesn't return an access_token (just an id_token and a refresh_token)

Question:

I'm using Xamarin.Auth for authenticating users against Google and Azure AD in a Xamarin Forms based mobile app. While everything works as expected with Google, I'm unable to get an access_token with Azure AD:

  • Authorize works as expected providing code and state
  • Token returns an id_token and a refresh_token, but no access_token.

I can replay this scenario in Postman, so this doesn't seem to be caused by Xamarin.Auth and is more likely to be blamed on my inability to properly interpret Microsoft's documentation...

Your help would be truly appreciated!

Answer1:

You should include the resource scope when acquiring a token in Azure AD V2.0. Any web-hosted resource that integrates with Azure AD has a resource identifier, or Application ID URI. For example, Microsoft Graph is https://graph.microsoft.com.

If you want to acquire an access token for Microsoft Graph, and have permission to read the mails of the signed-in user, then the token request would be:

```
POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded

client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&grant_type=authorization_code
&client_secret=JqQX2PNo9bpM0uEihUPzyrh    // NOTE: Only required for web apps
```

Please read <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code" rel="nofollow">this document</a> for how OAuth 2.0 Authorization Code Flow works in Azure AD V2.0. And click <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-scopes" rel="nofollow">here</a> for Scopes, permissions, and consent in the Azure Active Directory v2.0 endpoint.
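
The scope check the answer describes, as an added Python example (not code from the answer, from Xamarin.Auth or from Microsoft): it builds the form body for the v2.0 token request and explains a response that lacks an access_token. The function names are hypothetical, and the `OIDC_SCOPES` set assumes the failing request carried only OpenID Connect scopes, since the question does not show its scope value.

```python
from urllib.parse import urlencode, parse_qs

# Assumption: OpenID Connect scopes identify the user but name no resource API.
OIDC_SCOPES = {"openid", "profile", "email", "offline_access"}

def resource_scopes(scope):
    """Return the space-separated scopes that are not plain OIDC scopes."""
    return [s for s in scope.split() if s.lower() not in OIDC_SCOPES]

def build_token_request(client_id, code, redirect_uri, scope, client_secret=None):
    """Form-encode the authorization_code request body for /oauth2/v2.0/token."""
    if not resource_scopes(scope):
        raise ValueError("scope names no resource, e.g. https://graph.microsoft.com/mail.read")
    fields = {
        "client_id": client_id,
        "scope": scope,
        "code": code,
        "redirect_uri": redirect_uri,
        "grant_type": "authorization_code",
    }
    if client_secret is not None:  # only required for web apps, per the answer's note
        fields["client_secret"] = client_secret
    return urlencode(fields)

def diagnose(request_body, response):
    """Explain a token response in terms of the scope that was requested."""
    if "access_token" in response:
        return "access_token present"
    scope = parse_qs(request_body).get("scope", [""])[0]
    if not resource_scopes(scope):
        return "no access_token: request had no resource scope"
    return "no access_token: resource scope was requested"

if __name__ == "__main__":
    # Constructed sample values, not real credentials or a real response.
    bad_body = urlencode({"scope": "openid offline_access",
                          "grant_type": "authorization_code"})
    print(diagnose(bad_body, {"id_token": "<jwt>", "refresh_token": "<opaque>"}))
    print(build_token_request("<client-id>", "<auth-code>", "http://localhost/myapp/",
                              "openid offline_access https://graph.microsoft.com/mail.read"))
```
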
