Accesing endpoint from browser is working but not from postman
i have a question regarding the testing flow for accesing a resorce(an endpint in a java spring cloud application) secured by Azure Active Directory.
So when i am accesing the resource from browser its redirecting me to microsoft page i paste my crdentials and i am loging in sucesfuly and after that i can acces that resource. But if i am trying to do the same with postman so first of all i need to get the acces token.
The get response:
After i get the acess token i put it in the Authorization header with Bearer in front, but its returning me the html sign form and whats intersting when i am trying to get request my endpoint resource its redirecting to sign in form and this is why its returning the form. The form is send also when i am trying to get request the resorce (200 status code in both cases with or without token)
I am kinda blocked by this and i am tried many things but its just not work
The spring app has just an controller returning the string "Hello" and has an application.properties;
server:
forward-headers-strategy: native
port: 9191
spring:
cloud:
azure:
active-directory:
enabled: true
profile:
tenant-id: TENANTID
credential:
client-id: CLIENTID
client-secret: CLIENTSECRET
The problem was that the app was not an spring-boot-starter-oauth2-resource-server but an spring-boot-starter-oauth2-client
- How do I login to an Azure AD Joined VM using Azure AD Credentials on an Windows Server 2019?
- Migrating from validate-jwt to validate-azure-ad-token policy
- Azure Permission - needed for creating resource group - RBAC
- Is it possible to have a non-interactive code that logs in to Azure and creates users in Microsoft Entra ID?
- Microsoft as OAuth2 provider for personal accounts does not issue JWT access tokens
- Updating App Registration's Configured permission without overwritten existing values
- Azure trusted signing Identity validation process stuck due to inability to upload required documents
- How to debug Bearer error="invalid_token"
- Azure global admin cannot(disabled) add roles under "Access Control(IAM)"
- Access and Modify SharePoint Online list using PnP.Powershell and AccessTokens / Registered App
- How to find the delay when I reset a password using Microsoft's Graph API?
- Outlook calendar don't render with FullCalendar
- Azure Remove User Consent to API
- .NET Core Multi Tenancy authentication
- Production slot not using Production as ASPNETCORE_ENVIRONMENT variable
- Microsoft Identity Web: Change Redirect Uri
- Authenticating to Azure application with JMeter
- How do I solve audience (aud) invalid claim error for downstream api service?
- invalid_request: The provided value for the input parameter 'redirect_uri' is not valid
- I am getting an error that OAuth2 Code has already been redeemed
- Generating token for Fabric Rest api using client secret
- AADSTS700016: Application with identifier 'XXX' was not found in the directory 'directory_name'
- Authenticate to SQL Server with Azure app service managed identity through group
- Why is my Azure AD token request returning HTTP 400 consent error for API permissions that have been granted?
- Azure AD:Authenticate Devices
- How to set Azure MSAL SSO for my Nextjs14 app using Approuter and next-auth
- Unable to Connect to Azure PostgreSQL Database via Point-to-Site VPN with Azure Active Directory on macOS
- How do I retrieve the service principal password after creation using the azure cli?
- Cannot create Azure B2C Tenant
- Accessing Graph API from multi tenant App Function via identity