
I'm using the Microsoft Graph API to sign users in on my web app and get their basic profile. I've followed every step in the Microsoft overview.

With any Live email (tried outlook.fr and hotmail.com), I get this error while requesting the access token:

AADSTS65001: No permission to access user information is configured for 'MyAppId' application, or it is expired or revoked.

Is there something I am missing? I have configured only one permission on my Azure Portal app, under the Microsoft Graph API delegated permissions: "Sign in and read user profile". No other app authorization.

And when I try with an Office 365 account, everything works fine. I can even call https://graph.microsoft.com/v1.0/me and get the result.

I have checked my redirect_uri and it matches on both the authorization and the access token request. I have turned the APPLICATION IS MULTI-TENANT option ON and modified the manifest file; other than that, everything is at its default.

Can the Microsoft Graph API handle Live sign-in to my web app? If so, can anyone help me understand where I am going wrong?

Here is my authorization link, which works fine with any account:

https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=MyClientId&redirect_uri=MyUri

And here is my access token request:

https://login.microsoftonline.com/common/oauth2/token
POST data: grant_type=authorization_code&code=MyCode&client_id=MyClientId&client_secret=MySecret&resource=https%3A%2F%2Fgraph.microsoft.com%2F&redirect_uri=MyUri

1 Answer


In order to be able to use Live ID / Microsoft accounts in addition to Azure Active Directory accounts, please use the new converged authorization flow as described in https://graph.microsoft.io/docs/authorization/converged_auth.

Instead of registering your app via the Azure Portal, you'll need to use https://apps.dev.microsoft.com, and instead of statically declaring delegated permissions for your app, it will be able to dynamically request permissions using a scope query parameter when requesting a token or code from https://login.microsoftonline.com/common/oauth2/v2.0.
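As an added example (not from the question or the answer above): the v2.0 request shapes the answer describes, built in Python, with the `resource` parameter from the question's v1 requests replaced by `scope`, plus a `state` check on the callback so the redirect cannot be forged or replayed into another user's session. The client id, secret, redirect URI and code are placeholders; the scope names are standard Microsoft Graph scopes, with `User.Read` being the Graph equivalent of "Sign in and read user profile".

```python
# Added example: v2.0 (converged) authorization-code flow request shapes.
# The v1 requests in the question pass `resource=`; v2.0 drops it and sends
# the requested permissions as a space-separated `scope` on both requests.
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

V2_BASE = "https://login.microsoftonline.com/common/oauth2/v2.0"
# openid/profile yield an ID token; User.Read is the Graph profile permission;
# offline_access asks for a refresh token.
GRAPH_SCOPES = ["openid", "profile", "offline_access",
                "https://graph.microsoft.com/User.Read"]


def build_authorize_url(client_id, redirect_uri, scopes=GRAPH_SCOPES, state=None):
    """Return (url, state). Store `state` in the user's session and compare it
    on the callback; it binds the redirect to the browser that started it."""
    state = state or secrets.token_urlsafe(32)
    params = {
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "response_mode": "query",
        "scope": " ".join(scopes),
        "state": state,
    }
    return f"{V2_BASE}/authorize?{urlencode(params)}", state


def build_token_request(client_id, client_secret, code, redirect_uri, scopes=GRAPH_SCOPES):
    """Return (url, form) for the server-side code-for-token POST.
    There is no `resource` field; the scopes are repeated instead."""
    form = {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "client_secret": client_secret,  # stays server-side, never in the browser
        "code": code,
        "redirect_uri": redirect_uri,    # must match the authorize request exactly
        "scope": " ".join(scopes),
    }
    return f"{V2_BASE}/token", form


def parse_callback(callback_url, expected_state):
    """Pull the code out of the redirect, rejecting a missing or mismatched state."""
    q = parse_qs(urlparse(callback_url).query)
    if q.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: possible CSRF or replayed callback")
    if "error" in q:
        raise RuntimeError(f"{q['error'][0]}: {q.get('error_description', [''])[0]}")
    return q["code"][0]
```

The form returned by `build_token_request` is what your server POSTs to the `/token` URL; the `state` returned by `build_authorize_url` is what you pass to `parse_callback` when the browser comes back.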