I'm implementing a webapp that connects to Dynamics365 via webapi. Therefore I'm using Azure Active Directory for oAuth. I'm getting the following error and I'm not sure where is something going wrong. Therefore I'm describing my whole procedure:
"error":"invalid_client",
"error_description":"AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.
Trace ID: 2cc92fcd-798b-4636-892d-0c3c397c0401
Correlation ID: f3bd2f4c-05c5-4de8-ace2-acf4b99e6fb9
Timestamp: 2018-09-19 09:43:38Z",
"error_codes":[70002,50012],
"timestamp":"2018-09-19 09:43:38Z",
"trace_id":"2cc92fcd-798b-4636-892d-0c3c397c0401",
"correlation_id":"f3bd2f4c-05c5-4de8-ace2-acf4b99e6fb9"
I'm using these urls including the tenant. I got got them from the Azure Portal / Azure Active Directory / App Registration:
- https://login.microsoftonline.com/{tenant}/oauth2/authorize
- https://login.microsoftonline.com/{tenant}/oauth2/token
I registered a new app in the App Registration. I used the app ID and created a key that I used as client_secret. Calling the authorize-url is working fine! Then it is redirected to my callback.
Then I'm getting a code that I try to use to get a token. But it returns the error mentioned above. Input for POST-request to /oauth2/token is the following:
grant_type=authorization_code&
client_id={same as for authorize}&
code={returned code from authorize}&
redirect_uri={the callback of my webapp}&
resource={also callback-url}&
client_secret={the key from the keys-section in App Registration}
I'm looking forward to any ideas!
