Azure AAD - The audience is invalid

Question

I have create a webapi secured with azure active directory. I need to test this now and trying to use fiddler with an authorization header. I am trying to generate the token wit

Answer 1

Important note

"aud" value that is being generated for JWT token by azure is also controlled by "accessTokenAcceptedVersion" property in AD application manifest.

This property defines a version of the access token that will be generated (MS docs about accessTokenAcceptedVersion).

Possible results for its values:

• null or 1 - "api://" prepended to GUID
• 2 - "api://" is not added, so there should be GUID only