4
votes

I'm attempting to use MSAL (1.0.304142221-alpha) to acquire a token for the Microsoft Graph API, using the client credentials flow. My code looks like so:

    var confidentialClientApp = new ConfidentialClientApplication(clientId, redirectUri, new ClientCredential(clientSecret), null);
    var token = confidentialClientApp.AcquireTokenForClient(new string[] { "Mail.Read" }, string.Empty).Result;

The 2nd line throws an exception: "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope Mail.Read is not valid.". The Graph API reference appears to cite "Mail.Read" as the required scope.

The application in Azure AD is a Web Application with a single key. The application has the "Read mail in all mailboxes" application permission set for Microsoft Graph.

Could anyone shed any light as to what is going on? Thank you :)

1
Did you finally manage to get this working? Having the same issue here - Petaflop

1 Answer

3
votes

The v2 of the Azure AD endpoints do not yet support app-only tokens. For the time being you are restricted to using delegated tokens. We hope to enable app-only tokens soon; sorry for the inconvenience.