I'm requesting an OAuth2.0 token from https://login.microsoftonline.com/common/oauth2/v2.0/authorize. I'm requesting these scopes:
[
'https://graph.microsoft.com/User.Read',
'https://graph.microsoft.com/Calendars.Read.Shared',
'offline_access',
'profile',
'email',
'https://outlook.office.com/mail.read'
]
I'm trying to get both a Microsoft Graph scope and an Office 365 scope, but it gives me:
AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://graph.microsoft.com/User.Read https://graph.microsoft.com/Calendars.Read.Shared offline_access profile email https://outlook.office.com/mail.read is not valid
If I take out the outlook.office.com scope or both of the graph.microsoft.com scopes then it works.
Is there a way to have access to both?
Requesting permissions for two resources in the same request is not supported in the v2.0 auth model, try separating the requests, you will be able to access both APIs as long as you are getting an access token for each resource audience.