I want to use the two scopes https://outlook.office.com/Mail.Read and https://outlook.office.com/calendars.read to read an authenticated users' email and calendar. I followed the official .Net (WPF) tutorial to authenticate the user and obtain a token. It works well as long as my scope is only one of the ones above. As soon as I use both, I don't get back a token when I try to obtain it.
That's basically what I do:
private static string[] scopes = { "https://outlook.office.com/Mail.Read", "https://outlook.office.com/calendars.read" };
// sign-in/authenticate logic (with PromptBehavior.Always/Never) from tutorial
// here, the result doesn't contain a token:
result = await authContext.AcquireTokenAsync(scopes, null, clientId, redirectUri, new PlatformParameters(PromptBehavior.Always, null));
What am I doing wrong?
Try changing your Mail.Read scope to all lower-case:
private static string[] scopes = { "https://outlook.office.com/mail.read", "https://outlook.office.com/calendars.read" };
It looks like a bug in the ADAL library. I filed an issue on GitHub.