I have been working with 'Integration of Microsoft Identity Platform with a Python web application' ( https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-python-webapp). I am trying to access the graph API by Microsoft with the help of a python web application.
To be quick , my problem is : After success acceptance of credentials of microsoft account, it's showing me this issue on web page : We're unable to complete your request:invalid_request: The provided value for the input parameter 'redirect_uri' is not valid. The expected value is a URI which matches a redirect URI registered for this client application.
I tried looking at many solutions, but none of them worked. I tried this solution too - https://github.com/microsoftgraph/msgraph-training-uwp/issues/15
But it is not solving the issue for python. Issue remains the same.
I did everything as per the instructions -
Download python project from microsoft graph api docs (https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-python-webapp)
Registered in the Azure App registration.
Authentication - Redirect Uri - http://localhost:5000/getAToken ( url suggested by docs) -> I added same url in azure, I also tried putting 'https' and 'http' both.
Obtained the secret key. (under certificates and secret)
Added the required permissions.
I changed the app.config file taking all details from my azure app registration ( I am adding the code below ) 7.I did not change anything in my app.py file.
Started Flask server and finally opened the required localhost address.
Please help me where I went wrong and what corrections I have to make. I'll really appreciate it. Thanking you in advance.
App.config
import os
CLIENT_SECRET = "my key"
AUTHORITY = "https://login.microsoftonline.com/common" # For multi-tenant app
CLIENT_ID = "my id here"
REDIRECT_PATH = "/getAToken"
ENDPOINT = 'https://graph.microsoft.com/v1.0/users'
SCOPE = ["User.ReadBasic.All"]
SESSION_TYPE = "filesystem" # So token cache will be stored in server-side session
My problem got solved ,always check these :
When you created the app registration, you need to select for supported account types: Accounts in any organizational directory (Any Azure AD Ddirectory-multitenant) and personal Microsoft accounts.
Enter your redirect URI in Web configuration, I was doing in SPA which was wrong.
Instead of typing http://127.0.0.1:5000/ type 'http://localhost:5000/' in browser. I know it's same but it made a difference for me.
You cannot use a free microsoft account for Azure active directory, you have to use paid premium version. You can give card details and use it for a month for free.
hope it helps. Thankyou