问题
I have registered an application on Azure AD and created 2 users and a group in the azure ad directory using the azure portal. Now through Microsoft Graph explorer , I am testing the API for the operation "Get All user groups is the organization", but I am getting empty array as response though there exists a group on the AD in my directory.
For the operation "Get the groups I belong to", I get error.
I have followed the documentation, and as I understand we need to first request an access token to make calls to other APIs like fetching user groups etc. I followed the steps as mentioned in the link: https://docs.microsoft.com/en-us/graph/auth-v2-service?view=graph-rest-1.0#4-get-an-access-token to request the access token.
I have fired a query from graph explorer, and details are:
1) Specified the endpoint as: https://login.microsoftonline.com/[TENANTID]/oauth2/v2.0/token
2) Specified request header with content type : application/x-www-form-urlencoded
3) Sent the request body in json
4) Given application permissions and also granted the admin consent using the Azure portal.
I have carefully rechecked the client ID, tenant ID, scope, secret and other creds again. But on making the API call I don't receive any response.
JSON body to request access token:
{
"client_id": "[clientId]",
"scope": "https://graph.microsoft.com/.default",
"client_secret": "[the-secret]",
"grant_type": "client_credentials"
}
Expected result: I should get a json response with "Bearer" token in it.
Actual result:There is no response from Azure , and the request is shown a s processing.
In which direction should I see to solve the problem? I found a similar question here: **Where can I find APP ID URI for Microsoft App? **. But my problem is still unsolved.
Screenshot showing the request and response:
Screenshot showing the group in azure ad:
回答1:
The Microsoft Graph explorer is a tool that lets you make requests and see responses against the Microsoft Graph. It will get an access token for you automatically before you call Graph endpoint. Do not use it to call endpoints other than Graph.
Your process should be OK. But you should choose other tools such as Postman, Talend API TESTER.
Update:
来源:https://stackoverflow.com/questions/58798338/unable-to-get-access-token-from-azure-ad-when-using-microsoft-graph-explorer