Reputation: 6822
How to acquire an access token to a custom API using MSAL acquireTokenSilent?
I am able to obtain a valid access token for the Graph API, as there is an abundant examples/docs/tutorials for this.
However, I am unable to obtain a valid access token for my custom API. The scope I'm using looks something like this:
"api://<GUID VALUE>/user_impersonation"
Using this scope, I can obtain an access token. Unfortunately it is not valid. Subsequently I get a unauthorized 401 error when I try to invoke something on the custom API.
Is it even possible to request an access token on a custom API using MSAL acquireTokenSilent?
Upvotes: 0
Views: 1454
Answers (1)
Reputation: 15906
In my opinion, if the access token has been generated successfully, we can decode it online and if the scp claim really contains the specific api permission (scp is for delegate api permission while roles for application permission), that always the backend api has issue to authentication but not the token is wrong.
And if your backend is written in asp.net core, you may refer to my this answer, for java or springboot backend, this answer may help.
Upvotes: 0
Related Questions
- Getting access token from Azure AD from React frontend
- Azure Access Token react-aad-msal
- MSAL authentication and authorization from React to Web API
- How to get a valid access token for a custom Azure App API? (MSAL.js)
- How can I retrieve a token from msal-react on initial callback?
- How to get azure ad refresh token with react
- msal-browser with msal-react wrapper acquireTokenSilent doesn't get access token from cache
- How to get Azure access token with Node js API using Axios
- MSAL.js acquireTokenSilent resulting null token
- How to get Azure access token using client secret in MSAL?