TheNetworg / oauth2-azure

Azure AD provider for the OAuth 2.0 Client.
https://packagist.org/packages/thenetworg/oauth2-azure
MIT License

Unable to obtain token with different AUD #107

Open Curthbert opened 4 years ago

Curthbert commented 4 years ago

Hi, I am relatively new to PHP. I am trying to authorize my website to get access to a REST API which will provide an employee ID based on the value "name" from the token. When accessing the API, my token is not accepted because the aud and scp values are incorrect. I was told that my token needs to contain aud and scope values:

"aud": "https://ABCDEFG.com/ABCDEFG-ABCDEFG-ABCD-ABCD-ABCDEFG"
"scp": "user_impersonation"

while my token contains:

"aud": "https://graph.microsoft.com/"
"scp": "Directory.AccessAsUser.All Directory.Read.All openid User.Read User.ReadBasic.All"

(original AUD content replaced with letters)

I've spent a couple of days trying to google a solution without success. How can I change the target audience in the token?

Usage of the scope doesn't affect the token's code at all either.

$provider->scope = 'user_impersonation';

Thank you

hajekj commented 4 years ago

It looks like you are obtaining a token for the incorrect resource, e.g. Microsoft Graph. Your API should be a separate resource. Please check out https://github.com/TheNetworg/oauth2-azure#protecting-your-api---experimental for sample code.
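
To confirm which resource a token was issued for before sending it to an API, decode its payload and compare `aud` and `scp` with what the API expects. This is an added example, not part of the original thread or of the oauth2-azure library: the function names are hypothetical, and the sample token is constructed from the claim values quoted in the question.

```php
<?php
// Diagnostic only: this reads claims WITHOUT verifying the signature,
// so it must never be used to make an authorization decision.
function base64UrlDecode(string $data): string
{
    $padded = str_pad($data, strlen($data) + (4 - strlen($data) % 4) % 4, '=');
    $decoded = base64_decode(strtr($padded, '-_', '+/'), true);
    if ($decoded === false) {
        throw new InvalidArgumentException('Segment is not valid base64url');
    }
    return $decoded;
}

function readJwtClaims(string $jwt): array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('Expected three dot-separated segments');
    }
    return json_decode(base64UrlDecode($parts[1]), true, 16, JSON_THROW_ON_ERROR);
}

function checkAudienceAndScope(array $claims, string $expectedAud, string $requiredScope): array
{
    $problems = [];
    // "aud" may be a single string or an array of strings (RFC 7519).
    $aud = (array) ($claims['aud'] ?? []);
    if (!in_array($expectedAud, $aud, true)) {
        $problems[] = sprintf('aud is "%s", expected "%s"', implode(' ', $aud), $expectedAud);
    }
    // "scp" carries the delegated scopes as one space-separated string.
    $scopes = preg_split('/\s+/', trim((string) ($claims['scp'] ?? '')), -1, PREG_SPLIT_NO_EMPTY);
    if (!in_array($requiredScope, $scopes, true)) {
        $problems[] = sprintf('scp lacks "%s" (has: %s)', $requiredScope, implode(', ', $scopes));
    }
    return $problems;
}

// Constructed sample: an unsigned token carrying the claims quoted in the question.
$encode = fn(array $a): string => rtrim(strtr(base64_encode(json_encode($a)), '+/', '-_'), '=');
$token = $encode(['alg' => 'none']) . '.' . $encode([
    'aud' => 'https://graph.microsoft.com/',
    'scp' => 'Directory.AccessAsUser.All Directory.Read.All openid User.Read User.ReadBasic.All',
]) . '.';

$expectedAud = 'https://ABCDEFG.com/ABCDEFG-ABCDEFG-ABCD-ABCD-ABCDEFG'; // placeholder from the question
foreach (checkAudienceAndScope(readJwtClaims($token), $expectedAud, 'user_impersonation') as $problem) {
    echo $problem, PHP_EOL;
}
```

Both checks fail for the sample token, matching the rejection described in the question. The receiving API still has to validate the signature, issuer and expiry itself.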