How can I manually get an access token using OAuth 2.0 authorization code flow in Azure Active Directory B2C?
For testing purposes I am trying to manually get an access token. The guide Request an access token in Azure Active Directory B2C basically describes two steps:
- Get the authorization code - fine, no issue here
- Using the authorization code, get an access token
I am having issues on step 2:
According to the instructions one shall make a POST request and specify https://jwt.ms as redirect_uri. I am using Postman to make this POST request, but in this case I have no chance to get the reply that is sent to https://jwt.ms ? So how could that work at all? Am I misunderstanding something? (I am still quite new to OAuth 2)
I tried to reproduce the same in my environment and got the results as below:
I created an Azure AD Application and exposed an API:
Now, I added the API permissions like below:
I generated the auth-code by using below endpoint:
https://b2ctenant.b2clogin.com/b2ctenant.onmicrosoft.com/B2C_1_Signinsignup/oauth2/v2.0/authorize?
&client_id=7969b8c5-e6c6-49ab-b012-xxxxx
&response_type=code
&redirect_uri=https://jwt.ms
&response_mode=query
&scope=https://b2ctenant.onmicrosoft.com/7969b8c5-e6c6-49ab-b012-d59xxxxx/test.read
&state=12345
I generated the access token using below parameters:
https://b2ctenant.b2clogin.com/b2ctenant.onmicrosoft.com/B2C_1_Signinsignup/oauth2/v2.0/token
client_id:7969b8c5-e6c6-49ab-b012-d598a9d99d17
grant_type:authorization_code
scope:https://b2ctenant.onmicrosoft.com/7969b8c5-e6c6-49ab-b012-xxxxxx/test.read
code:code
redirect_uri:https://jwt.ms
client_secret:ClientSecret
- Error 400: invalid_scope with Postman and Google OAuth2
- Issues Adding SMTP.Send Permission to Azure Application for Office 365 SMTP
- PHP - How to get OAuth 2.0 Token
- UPS Outh Rating API return Invalid Authentication Information
- How to store sensitive data in React Native or expo code ? ( with Keychain and Keystore )
- How to get Optum sandbox to authenticate with OAuth 2.0 using Java and okhttp
- Spring Boot redirection back to login page
- New Google place api using google OAuth, ask failed to refresh token
- Getting OAuth code challenge on loopback server
- How do I solve audience (aud) invalid claim error for downstream api service?
- oauth 2 parameters can only have a single value: scope
- #oauth2 security expressions on method level
- Calling spring authorization server OAuth2 REST endpoints
- Google AdWords API authorization raising AdsCommon::Errors::AuthError
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Passport - Node.js not returning Refresh Token
- AWS Cognito: Missing Scopes in Access Token with Custom UI and Device Remember Functionality for MFA
- Cross-client Google OAuth: Get auth code on iOS and access token on server
- How to generate GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET without a domain?
- Spring Gateway and OAuth
- OAuth Client Credential Flow - Refresh Tokens
- Django OAuth2 Authentication Failing in Unit Tests - 401 'invalid_client' Error
- Add OAuth authentication for HTTP request triggers
- OAuth2 implementation and user management Django
- How to enable a submit button if form fields are auto-filled by the browser using saved credentials on page load?
- AADSTS70000 Error When Requesting for Access Token
- Is storing an OAuth token in cookies bad practice?
- Spring OAuth2 client performs Back-Channel Logout with an expired ID token
- I/O error on GET request for "https://localhost/application/o/{name}/.well-known/openid-configuration": Connection refused
- Restrict Microsoft Azure App OAuth2.0 to Internal Users