Multiple Web App Registration Not working in AAD

Question

We have two Azure AD Web Apps Registered under one outlook account for OneDrive Development under the portal apps.dev.microsoft.com . We have created two apps because we need our app to support callback URLs from two servers with different DNS. Unfortunately only the first app that was created works in which we can get the access token using V2.0 end point and then subsequently can access One Drive Resources using graph API.

The second App that we created to supported another server with a different DNS does not work. We are unable to get access token and the response is below,

AADSTS70000: The request was denied because one or more scopes requested are unauthorized or expired. The user must first sign in and grant the client application access to the requested scope

One App: reply URLs: https://www.example.org/OneDriveApp/callback.jsp - works great

Second App: reply URL https://www.example2.net/OneDriveApp/callback.jsp - failure to get OAuth Access Token.

Answer 1

This error generally means the auth code you've gotten is not meant for tokens on the specified endpoint. This can happen from misconfiguring the auth endpoints, registering the app in the wrong spot, or a malformed request.

The first thing to check with this error is your auth endpoints.

Next, make sure you're using the correct library to obtain the authorization code.

Also, make sure that you are not registering the app in the wrong blade (regular AD vs b2c).

What do you have as the URL for the token endpoint?