1
votes

I am writing a service that will use Microsoft Graph API. To retrieve the access token I have done the following:

  1. Created a ServicePrincipal w/ "Company Administrator" role using SOAP based IProvisioningWebService (assume that I will have the org admin credential)
  2. Then used the ADAL4J lib to retrieve access token

    // clientId = AppPrincipalId created in step#1
    Future<AuthenticationResult> future = context.acquireToken(
            "https://graph.windows.net", clientId, username, password,
            null);
    

I am getting the following error. Is my approach not valid?

com.microsoft.aad.adal4j.AuthenticationException: {"error":"invalid_grant","error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID 'XXXX '. Send an interactive authorization request for this user and resource.\r\nTrace ID:

2

2 Answers

0
votes

You need to go to the Azure portal and add permissions to access Graph in your application. The option to do so will be at the bottom of the page under "Delegated Permissions".

0
votes

Found that it was a problem at my end... I should have used the clientId (the appPrincipalId) and client_secret (password used while creating the SP) and used the following call to retrieve the access_token.

    // The authority is the tenant-specific login endpoint
    String authority = String.format("https://login.windows.net/%s", getTenantContextId());
    context = new AuthenticationContext(authority, false, service);
    // clientId = appPrincipalId, secret = password used while creating the SP
    ClientCredential clientCredential = new ClientCredential(getAppPrincipalId(), getSymmetricKey());
    Future<AuthenticationResult> future = context.acquireToken("https://graph.windows.net", clientCredential, null);
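
The client-credential call from the answer above, filled out into a complete program as an added example (not code from either poster). It assumes ADAL4J is on the classpath; the environment variable names `AAD_TENANT_ID`, `AAD_CLIENT_ID` and `AAD_CLIENT_SECRET` are hypothetical and are used so that the secret is not hard-coded.

```java
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationException;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;

import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;

public class GraphAppToken {
    // Hypothetical variable names (assumption); keeps the client secret out of source control.
    static String env(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("missing environment variable " + name);
        }
        return value;
    }

    public static void main(String[] args) throws Exception {
        String authority = String.format("https://login.windows.net/%s", env("AAD_TENANT_ID"));
        ExecutorService service = Executors.newSingleThreadExecutor();
        try {
            // Same constructor arguments as in the answer (authority validation off).
            AuthenticationContext context = new AuthenticationContext(authority, false, service);
            ClientCredential credential =
                    new ClientCredential(env("AAD_CLIENT_ID"), env("AAD_CLIENT_SECRET"));
            // The application authenticates as itself: no username or password is sent.
            Future<AuthenticationResult> future =
                    context.acquireToken("https://graph.windows.net", credential, null);
            AuthenticationResult result = future.get();
            // Report the expiry only; never write the bearer token to logs.
            System.out.println("token acquired, expires " + result.getExpiresOnDate());
        } catch (ExecutionException e) {
            // A failed request surfaces as the cause of the ExecutionException.
            Throwable cause = e.getCause();
            if (cause instanceof AuthenticationException) {
                // The message is the JSON error body, including the AADSTS code.
                System.err.println("Azure AD rejected the request: " + cause.getMessage());
            } else {
                System.err.println("token request failed: " + cause);
            }
        } finally {
            service.shutdown(); // the executor thread would otherwise keep the JVM alive
        }
    }
}
```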