Generate bearer token using postman

Question

I have registered an application in Azure AD. I selected supported account type as 'Single-tenant'. I have given permissions like user.read, openid and profile.

Now, I am trying to get access token from Postman. I have given parameters like below:

https://login.microsoftonline.com/mytenantid/oauth2/v2.0/token
client_id='myapp client id'
&scope=https://graph.microsoft.com/user.read
&redirect_uri=http://localhost
&grant_type=authorization_code
&client_secret='myapp client secret'

I am getting the below error:

AADSTS900144: The request body must contain the following parameter: 'code'.\r\nTrace ID: ffa4ba48-3287-4615-b6a3-aa71ed757400\r\nCorrelation ID: b375f781-2486-40d4-adee-826b9dc440ec\r\nTimestamp: 2022-04-21 12:13:10Z",

I am not understanding what code to give and how to find code value. Can anyone help me out?

Thanks in advance.

Answer 1

To resolve the error, you have to include code parameter in Postman.

To get that value, try to form an authorize url like below:

https://login.microsoftonline.com/yourtenantid/oauth2/v2.0/authorize?client_id=yourclientid&response_type=code&redirect_uri=http://localhost&response_mode=query&scope=https://graph.microsoft.com/user.Read&state=skip_get_token2

And open the above link in browser. In address bar you will get the value of code.

Copy that code value and add that parameter in postman.

Please Note that, the code value will work only one time. To get the code value again, you have to repeat the above process again.

I tried in my environment, after adding the code parameter, I got the access token successfully:

For more in detail, please refer below link:

Microsoft identity platform and OAuth 2.0 authorization code flow - Microsoft identity platform | Microsoft Docs.