I'm able to get a v1.0 jwt token with the below settings.
How do I make the https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/authorize endpoint return v2.0?
First we need to create an app in AD with "Supported account types" set to Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox). (When we choose this option, the property accessTokenAcceptedVersion in its Manifest will be 2.)
Then we need to add a scope in it, and when we request the access token, we need to use openid api://xxxxxx/User.read instead of only openid in Postman, as in the screenshot you provided.
After that, we can request the access token (v2).
Parse the access token, and it will show v2.
Update about how to add scope:
We can add the scope in the app on the portal (shown in the screenshot below):
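
As an added example (not part of the original answer): a Python sketch that builds the authorize request with the API scope described in the answer and then reads the `ver` claim of a token to confirm it is 2.0. The `response_type=code` flow, the function names and the sample token are assumptions constructed for illustration; the claim is read without verifying the signature, so this is for inspection only.

```python
import base64
import json
from urllib.parse import urlencode

AUTHORIZE = "https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/authorize"


def build_authorize_url(tenant_id, client_id, redirect_uri, api_scope):
    """Authorization request that asks for the API's own scope next to openid."""
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",          # assumed flow; the page does not name one
        "redirect_uri": redirect_uri,
        "scope": f"openid {api_scope}",   # e.g. "openid api://xxxxxx/User.read"
    })
    return AUTHORIZE.format(tenant_id=tenant_id) + "?" + query


def _b64url_decode(segment):
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_version(jwt):
    """Return the 'ver' claim of a token. The signature is NOT verified here."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url_decode(parts[1]))
    ver = claims.get("ver")
    if ver not in ("1.0", "2.0"):
        raise ValueError(f"unexpected or missing 'ver' claim: {ver!r}")
    return ver


def make_sample_token(ver):
    """Constructed, unsigned sample token for offline use (not a real token)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"typ": "JWT", "alg": "none"})
    payload = enc({"ver": ver, "scp": "User.read"})
    return f"{header}.{payload}.constructed-signature"
```

A resource API should still validate the signature, issuer and audience with a JWT library before trusting any claim, including `ver`.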