I am trying to generate a OAuth Token for OneDrive by using Postman. I just wanted to ask for clarification as to what the Auth URL, Access Token URL and scope would be?
I have tried it with:
Auth URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Access Token URL: https://login.microsoftonline.com/common/oauth2/v2.0/token
Scopes: wl.signin
However, I keep getting an error around the scope is not correct. Just for sanity check are these the correct settings?
Please refer to https://dev.onedrive.com/auth/msa_oauth.htm for full documentation of the possible auth flows, scopes etc.
auth URL: https://login.live.com/oauth20_authorize.srf
token URL: https://login.live.com/oauth20_token.srf
Valid scopes can be:
offline_access
onedrive.readonly
onedrive.readwrite
onedrive.appfolder
Documentation of the OneDrive API in general, including the above link, can be found here: https://dev.onedrive.com/README.htm
From the Auth/Token URLs, it looks like you're trying to use the unified consumer / work OAuth 2.0 end point for Microsoft Graph. The wl.signin scope isn't a valid scope for that end point. That scope is only available for the Microsoft Account (consumer only) authentication.
With those URLs, you'll want to use the User.Read scope, which grants you the ability to sign-in and read the signed in users basic profile. Additional scopes available on that end point are documented here: https://graph.microsoft.io/en-us/docs/authorization/permission_scopes. Since you mentioned OneDrive, you'll probably want to include Files.ReadWrite as one of your scopes as well, so your app can access the user's OneDrive files.
