3
votes

I have an Azure AD application that I created in the App Registrations blade of the Azure Portal. The application has been given access to a Web API (that is actually an Azure AD B2C application). I am attempting to get a token from Azure AD using client credentials (client_id, client_secret and resource). In my dev instance, Azure AD will return me an Azure AD V1 Token, but in my test instance Azure AD is returning me an Azure AD V2 Token.

I am calling https://login.microsoftonline.com//oauth2/token in both instances with the same body input (grant_type, client_id, client_secret and resource).

Why would that endpoint be returning me a V2 token when I am not calling the v2.0 endpoint?

1
Can you elaborate on the differences between the dev and test instance? Are they different tenants, apps, etc? Also, try checking the token claims at jwt.ms and see if there are any major differences. The site will also verify if it's a v1/v2 token. - Daniel Dobalian
Yes, dev and test instances are completely separate, but they mimic architecture. They each have their own B2C tenant, their own B2C app, their own App Registrations. I have used the jwt.ms site to verify the differences. The token from the "dev instance" shows that it is a v1 token and the "test instance" shows it is a v2 token. The biggest difference from a claims perspective is the appid vs azp and appidacr vs azpacr. - nboettcher
@DanielDobalian - any update? I still have this issue and haven't been able to solve it. - nboettcher
There is a flag on the resource app (your web API) that may dictate the version of token issued as opposed to the endpoint you're calling. Can you open the app manifest of both apps and check if the AccessTokenAcceptedVersion field is the same? - Daniel Dobalian
@DanielDobalian -- where would I find the app manifest for both apps that would contain AccessTokenAcceptedVersion? - nboettcher

1 Answer

0
votes

The app manifest is in Azure Active Directory-->App registrations (Preview)-->{YourAppName}-->Manifest

accessTokenAcceptedVersion is line 4.
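Added example (not part of the original question or answer): a small Python diagnostic that classifies an access token as v1 or v2 from its `ver` claim, falling back to the `appid`/`appidacr` versus `azp`/`azpacr` claim names mentioned in the thread, and compares that with what the resource app's manifest requests. The tokens and manifests are constructed samples, the function names are hypothetical, and the mapping of `accessTokenAcceptedVersion` (null or 1 to v1, 2 to v2) follows Microsoft's documented manifest behaviour rather than anything stated on this page.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def read_claims(jwt: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature (diagnostics only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))

def token_version(claims: dict) -> str:
    """Classify by 'ver', falling back to the v1/v2 claim names from the thread."""
    ver = claims.get("ver")
    if ver in ("1.0", "2.0"):
        return ver
    if "azp" in claims or "azpacr" in claims:
        return "2.0"
    if "appid" in claims or "appidacr" in claims:
        return "1.0"
    return "unknown"

def expected_version(manifest: dict) -> str:
    """Version the resource app's manifest requests: null or 1 means v1, 2 means v2."""
    return "2.0" if manifest.get("accessTokenAcceptedVersion") == 2 else "1.0"

def make_sample(claims: dict) -> str:
    """Build an unsigned, constructed token so the demo runs offline."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"

# Constructed sample data (not real tokens, app ids or manifests).
APP = "00000000-0000-0000-0000-000000000001"
DEV_TOKEN = make_sample({"ver": "1.0", "appid": APP, "appidacr": "1"})
TEST_TOKEN = make_sample({"ver": "2.0", "azp": APP, "azpacr": "1"})
DEV_MANIFEST = {"accessTokenAcceptedVersion": None}
TEST_MANIFEST = {"accessTokenAcceptedVersion": 2}

if __name__ == "__main__":
    for name, tok, man in (("dev", DEV_TOKEN, DEV_MANIFEST),
                           ("test", TEST_TOKEN, TEST_MANIFEST)):
        got, want = token_version(read_claims(tok)), expected_version(man)
        print(f"{name}: token ver={got}, manifest expects {want}, match={got == want}")
```

An API that validates these tokens should accept only the version and issuer format it was configured for, since the claim names it reads for the calling client differ between v1 and v2.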