Closed brenwell closed 8 months ago
Their documentation suggests they are expecting a number of extra fields. https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow#request-an-access-token-with-a-client_secret
POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=204196ef-b7fd-461f-89b7-f778e1568c41
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&grant_type=authorization_code
&code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
&client_secret=sampleCredentia1s
Is there a way to add the code
and scope
to the token request?
Hi @brenwell
What response mode did you use? Query or fragment? The oauth2c might not work correctly with fragment mode #47
Could you attach the cmd and the entire output?
Thanks
Hey. Thanks for the reply. I moved on from that issue. I tried to recreate it but I forgot exactly what I was doing at the time. It was an issue for me, but it was likely my fault. So maybe it doesn't matter if I am the only one.
Also I see that "scope" is optional.
And I see that the token request has a Basic Auth header.
Thanks for such a cool library.
I am having some trouble fixing an issue with Microsoft's code flow. It appears I need to add the
code
field in thetoken
exhange. Is this something I can do just via settings of the CLI?Thanks