Closed Ambition-Cc closed 8 months ago
@bgavrilMS Sir, thank you for replying. However, I am trying to get token by Java code and I think there is no parameter names resource.
Hello @Ambition-Cc : That "AADSTS90009" is coming from the token service (MSAL Java just forwards the error message), which means this is likely a configuration issue.
After testing it a bit it seems like you might not be able to get certain scopes with an exposed API for the same app you're using to request the token ("requesting a token for itself" from the error). I tried using 'api://client_id/.default' as the scope and got the same error you did, however if I set up a custom scope I could get a token without issue.
Try using just ".default" as the scope instead of "api://client_id/.default", as long as account permissions are set up right that should work. I believe those APIs you can set up are more intended for web app scenarios, and if you are making a web app you can check out our web API sample which involves setting them up to call Graph: https://github.com/Azure-Samples/ms-identity-msal-java-samples/tree/main/1-server-side/msal-web-api-sample
Thank you so much @Avery-Dunn I will have a try tomorrow as you said and give you feedback.
@Avery-Dunn Thank you so much for your help. That really work!
Library version used
1.13.8
Java version
openjdk1.8
Scenario
PublicClient (AcquireTokenInteractive, AcquireTokenByUsernamePassword)
Is this a new or an existing app?
This is a new app or experiment
Issue description and reproduction steps
When we trying to get token by userName and password. We got this exception com.microsoft.aad.msal4j.MsalServiceException: AADSTS90009: Application 'XXXXXXXXX'(XXXXXXXX) is requesting a token for itself. This scenario is supported only if resource is specified using the GUID based App Identifier. Could you please help me with this. Thank you!
![image](https://github.com/AzureAD/microsoft-authentication-library-for-java/assets/76605369/3bfb8658-deb7-4173-962b-988fa5fbb01f)
Relevant code snippets
No response
Expected behavior
No response
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
No response