blogs4t
Reputation: 2747
Get-MsalToken does not include audience claim in the token. How do i include audience claim in the token while using Get-MsalToken?
I use this powershell script to generate an azure AD jwt token. It is missing the audience claim. how do i include that?
$connectionDetails = @{
'TenantId' = '****'
'ClientId' = '****'
'Interactive' = $true
'Scopes' = ''
'LoginHint' = '****'
}
$token = Get-MsalToken @connectionDetails
Write-Output $token
Upvotes: 0
Views: 985
Answers (1)
Carl Zhao
Reputation: 9539
Summary comments are posted as answers.
As I said in the comments, usually, the value of the scope is the aud claim in the token. Because you did not set the scope in the script, the token you obtained has no aud claim.
So you must set the scope, for example:
'Scopes' = 'https://graph.microsoft.com/.default'
Upvotes: 1
Related Questions
- Get-MsalToken error AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'
- Get-MsalToken Error : Parameter set cannot be resolved using the specified named parameters
- Azure active directory - Allowed token audiences
- Access token validation failure. Invalid audience requesting AzureADPolicies
- Azure ARM access token wrong audience
- How to include roles into access token using Azure AD MSAL library
- Acquire Azure Active Directory resource access token from powershell for current user?
- Obtain Azure Access Token
- Get Azure Active Directory Access Token from Powershell
- AzureAD b2c MSAL - Token response is missing the access token