davidjrh / dnn.azureadprovider

The DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.
MIT License
35 stars, 21 forks

Scope of token request #36

Open kylebridgford opened 4 years ago

kylebridgford commented 4 years ago

It appears that the app is using the v1.0 endpoint for the implicit grant: https://github.com/davidjrh/dnn.azureadprovider/blob/de8171893101577ec188e8f028b14c6aafdb0e5f/DotNetNuke.Authentication.Azure/Components/AzureClient.cs#L61-L72

When building the query params, scope is defined: https://github.com/davidjrh/dnn.azureadprovider/blob/de8171893101577ec188e8f028b14c6aafdb0e5f/DotNetNuke.Authentication.Azure/Components/AzureClient.cs#L613-L621

However, according to the Microsoft docs for the v1 endpoint, scope is ignored, and you should instead use resource. Without the resource on the v1 endpoint, you are going to get the default Graph JWT tokens, not the ones defined in the app manifest.
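
The mismatch reported in this issue can be checked mechanically on any authorize URL a client builds. The following is an added example, not part of the comment above and not code from dnn.azureadprovider; the class name `AuthorizeRequestLint` and the sample tenant, client ID and resource URI are hypothetical placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example: flags authorize requests whose audience parameter does not match the endpoint version.
public static class AuthorizeRequestLint
{
    // OAuth parameter names are case-sensitive, so keys are compared ordinally.
    static Dictionary<string, string> Query(Uri uri)
    {
        return uri.Query.TrimStart('?')
            .Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(p => p.Split(new[] { '=' }, 2))
            .GroupBy(kv => Uri.UnescapeDataString(kv[0]))
            .ToDictionary(g => g.Key, g => g.First().Length > 1
                ? Uri.UnescapeDataString(g.First()[1].Replace('+', ' ')) : "");
    }

    public static List<string> Check(string authorizeUrl)
    {
        var uri = new Uri(authorizeUrl);
        var q = Query(uri);
        bool v2 = uri.AbsolutePath.EndsWith("/oauth2/v2.0/authorize", StringComparison.OrdinalIgnoreCase);
        bool v1 = !v2 && uri.AbsolutePath.EndsWith("/oauth2/authorize", StringComparison.OrdinalIgnoreCase);
        bool hasScope = q.ContainsKey("scope") && q["scope"].Length > 0;
        bool hasResource = q.ContainsKey("resource") && q["resource"].Length > 0;
        var findings = new List<string>();
        if (v1 && hasScope) findings.Add("v1.0 endpoint: 'scope' is ignored");
        if (v1 && !hasResource) findings.Add("v1.0 endpoint: no 'resource', token gets the default audience");
        if (v2 && !hasScope) findings.Add("v2.0 endpoint: 'scope' is required");
        if (!v1 && !v2) findings.Add("not an Azure AD authorize endpoint path");
        return findings;
    }

    public static void Main()
    {
        // Constructed sample requests; tenant, client_id and resource values are placeholders.
        const string baseUrl = "https://login.microsoftonline.com/contoso.onmicrosoft.com";
        const string common = "?response_type=id_token+token&client_id=00000000-0000-0000-0000-000000000000";
        var samples = new[] {
            baseUrl + "/oauth2/authorize" + common + "&scope=openid%20profile",
            baseUrl + "/oauth2/authorize" + common + "&resource=api%3A%2F%2Fexample-api",
            baseUrl + "/oauth2/v2.0/authorize" + common + "&scope=api%3A%2F%2Fexample-api%2F.default",
        };
        foreach (var url in samples)
            Console.WriteLine(url + "\n  " + (Check(url).Count == 0 ? "ok" : string.Join("; ", Check(url))));
    }
}
```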