2
votes

I am trying to return an Azure AD application role in an OAuth2 token that is requested using the client_credentials grant. No luck so far...

Based on this article I've created 2 applications in AD:

- MyApi, added an application role in the manifest
- MyApiSwagger, added permissions to MyApi ReadAll and clicked "grant permissions"

The assigned permissions show up for the MyApiSwagger app under the managed application in the local directory.

When I request a token with client_credentials grant type (using Postman) a token is returned but it does not contain the application role (I parse the token using https://jwt.io/)

All documentation and articles I have found indicate that this should work... I feel there is something missing in the MyApi manifest as the "Read directory data" role from the standard Windows Active Directory app shows up in the token without any problems after I add & grant permissions...

Any idea which step I am missing?


1 Answer

2
votes

Found it with help from Alaa Husseiny from Microsoft Support.

When retrieving the token, the "resource" parameter must contain the appId from MyApi. I was using the appId from MyApiSwagger.

Roles are in the token now :)
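As an added illustration (not code from the answer's author), the script below builds the client_credentials request with `resource` set to the MyApi appId and then inspects the returned token the way jwt.io would, checking `aud` before reading `roles`. The appIds, tenant id and secret are constructed placeholders, and the sample tokens are built locally (unsigned) so the check runs offline.

```python
import base64
import json

# Constructed placeholder values; real ones come from the app registrations.
TENANT_ID = "<tenant-id>"
MYAPI_APP_ID = "11111111-1111-1111-1111-111111111111"         # MyApi (the resource)
MYAPISWAGGER_APP_ID = "22222222-2222-2222-2222-222222222222"  # MyApiSwagger (the client)
MYAPISWAGGER_SECRET = "<client-secret>"
# Azure AD v1 endpoint, the one that takes the "resource" parameter
TOKEN_ENDPOINT = f"https://login.microsoftonline.com/{TENANT_ID}/oauth2/token"


def build_token_request(resource_app_id: str) -> dict:
    """Form fields for the client_credentials grant (POST them to TOKEN_ENDPOINT).

    The fix from the answer: `resource` is the appId of the API whose roles you
    want (MyApi), not the appId of the calling app (MyApiSwagger).
    """
    return {
        "grant_type": "client_credentials",
        "client_id": MYAPISWAGGER_APP_ID,
        "client_secret": MYAPISWAGGER_SECRET,
        "resource": resource_app_id,
    }


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_payload(jwt: str) -> dict:
    """Decode (without verifying) the JWT payload, as jwt.io does for inspection."""
    return json.loads(_b64url_decode(jwt.split(".")[1]))


def app_roles(jwt: str, expected_audience: str) -> list:
    """Application roles the token grants for `expected_audience`.

    Roles are only emitted for the resource named in the request, so a token
    minted for another app carries none; checking `aud` first turns the
    "roles missing" symptom from the question into an explicit mismatch.
    """
    claims = decode_payload(jwt)
    if claims.get("aud") != expected_audience:
        return []
    return list(claims.get("roles", []))  # Azure AD omits the claim when empty


def constructed_token(aud: str, roles: list) -> str:
    """Sample token for offline demonstration; the signature segment is left empty."""
    header = _b64url(json.dumps({"typ": "JWT", "alg": "RS256"}).encode())
    claims = {"aud": aud, "appid": MYAPISWAGGER_APP_ID, "roles": roles}
    return f"{header}.{_b64url(json.dumps(claims).encode())}."
```

Against a live tenant, post `build_token_request(MYAPI_APP_ID)` as form data to `TOKEN_ENDPOINT` and pass the returned `access_token` to `app_roles(token, MYAPI_APP_ID)`; in production the token must of course be signature-verified before its claims are trusted.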