Can I Get Access Token on Azure without registering my autotesting app?

Question

I write API autotests (using C#, HttpClient) for application deployed on azure. There were added authorizations - Authentication with Azure Active Directory and JWT Authorization using the Bearer scheme. Of course all my tests now fail with 401 error. To fix them I need to get Bearer token and add it to request header. There a lot of tutorials how to do it, but main idea is I need register my autotest app on Azure and use secrets from it to send POST request to login.microsoftonline.com/{tenant}/oauth2/v2.0/token.

On my previous project that used apigee it was very simple - POST JSON with credentials and apikey and get token in response.

Is it possible to get token without registration fake app on Azure, just sending some requests with my test user credentials? Like one can do on apigee?

Answer 1

Actualy I solved this problem without registering apps on Azure. I went another way and imitated login throw MS form using HttpWebRequest class. So there is no UI part, just three http requests and that suits me perfect for my API autotests. Big advantage, I can tests application behavior for users with different access level not having to register many fake applications on Azure to imitate different users.

Answer 2

Where would you get the credentials if not the registered app? You need a signed token from Azure AD. It will only give you one if you prove your app's identity and AAD confirms it. You have to register the testing app.