Reputation: 33
Incorrect callback in Office 365 Client credentials grant OAuth2 flow
I am playing with client credentials grant flow described here https://msdn.microsoft.com/en-us/office/office365/howto/building-service-apps-in-office-365
Here is my initial authorization request: https://login.microsoftonline.com/common/oauth2/authorize?nonce=c43a377e-8b75-4c7f-9fab-300f1dbc76c5&prompt=admin_consent&state=35&redirect_uri=http%3A%2F%2Flocalhost%3A6543%2Fcallback%2Foffice365&response_type=code+id_token&client_id=XXXX&scope=openid
According to the documentation I expect to receive a POST callback with a token in the body. But I actually receive a GET callback like this: http://localhost:6543/callback/office365#code=XXXXX&id_token=XXXXX&state=35&session_state=3a2e2c61-7e71-4f11-a9a6-f1dd8f50aeb6&admin_consent=True
I actually prefer GET over POST but there is a hash sing # instead of question mark ? in the URL, so the parameters are actually not a GET arguments.
Is there anything I can do to receive a valid callback?
Upvotes: 0
Views: 346
Answers (1)
Reputation: 33
By spec OAuth2 supports different response modes.
Adding response_mode=query solves the problem. This means MS Authorization endpoint uses response_mode=fragment by default which is not explicitly described in the documentation.
Upvotes: 0
Related Questions
- Using client credential flow on Graph api returns an access_token without scopes
- Microsoft Azure OAuth ID Token In Client Credentials Grant
- Microsoft Graph - Accessing /me or /user/{id}/ endpoints using client_credentials flow - requested user is invalid
- Microsoft Graph API Authentication_MissingOrMalformed
- Microsoft Graph Oauth2 - Getting: "401 - Unauthorized: Access is denied due to invalid credentials"
- Microsoft Graph API - Client Credentials Grant Flow
- Client Credentials access token not working office 365
- MS Graph API: invalid authentication token
- microsoft_graph oAuth refresh error
- Office 365 APIs Microsoft Graph authentication failed