0
votes

I have a Node.js app configured to authenticate with Azure AD; this part works. When I try to use the access token given by Azure AD, calls to Azure's API state that it is invalid.

'Bearer authorization_uri="https://login.windows.net/", error="invalid_token", error_description="The access token is invalid.

If I use my id_token, I am at least able to validate it is a token, but it has the wrong audience/resource.

1
What API are you calling? What is the audience in the token? - juunas
management.azure.com, the audience is not the API. Trying to figure out how to get Azure AD/Token request to show the correct audience. - mishso
Try using https://management.core.windows.net/ as the resource when you request the access token. - juunas
Adding that as the scope, right? - mishso
Could you show the code you are using? - juunas

1 Answer

0
votes

'Bearer authorization_uri="https://login.windows.net/", error="invalid_token", error_description="The access token is invalid.

According to your error information, I assume that the resource for the token is invalid.

As @juunas mentioned, you could try using https://management.core.windows.net/ as the resource when you request the access token.

Or please add the demo code to get the access token.

I was able to get the access token to work finally using the ADAL library. Now how do I convert that access token to authenticate with ms-rest-azure or the SDK?

We could get the demo code from GitHub. The following is the snippet from the document.

Login with service principal name and secret

var msRestAzure = require('ms-rest-azure');
var someAzureServiceClient = require('azure-arm-someService');
// clientId, secret and domain are the service principal's values.
msRestAzure.loginWithServicePrincipalSecret(clientId, secret, domain, function(err, credentials) {
  if (err) return console.log(err);
  // Pass the returned credentials object to the service client.
  var client = new someAzureServiceClient(credentials, 'your-subscriptionId');
  client.someOperationGroup.method(param1, param2, function(err, result) {
    if (err) return console.log(err);
    return console.log(result);
  });
});
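
The audience mismatch discussed in this thread can be confirmed before calling the API. The following is an added example, not part of the original question or answer: the helper names (checkTokenForResource, makeSampleToken) are hypothetical, the sample tokens are constructed, and the expected audience is assumed to be the resource suggested in the comments.

```javascript
// Added diagnostic example. It decodes the JWT payload WITHOUT verifying the
// signature: use it to inspect a token you obtained, never to trust a caller.

// Resource suggested in the comments; assumed here to be the expected audience.
const ARM_RESOURCE = 'https://management.core.windows.net/';

function b64urlToJson(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const value = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  if (value === null || typeof value !== 'object') throw new Error('not an object');
  return value;
}

// Hypothetical helper: reports why an API expecting `expectedAud` would reject the token.
function checkTokenForResource(token, expectedAud = ARM_RESOURCE, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).replace(/^Bearer\s+/i, '').split('.');
  if (parts.length !== 3) {
    return { ok: false, aud: null, problems: ['not a three-part JWT'] };
  }
  let claims;
  try {
    claims = b64urlToJson(parts[1]);
  } catch (e) {
    return { ok: false, aud: null, problems: ['payload is not base64url-encoded JSON'] };
  }
  const problems = [];
  // `aud` may be a single string or an array of strings (RFC 7519).
  const auds = claims.aud === undefined ? [] : [].concat(claims.aud);
  if (!auds.includes(expectedAud)) {
    problems.push('aud ' + JSON.stringify(claims.aud) + ' is not ' + expectedAud);
  }
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) {
    problems.push('token is expired or has no exp claim');
  }
  return { ok: problems.length === 0, aud: claims.aud === undefined ? null : claims.aud, problems };
}

// Builds constructed, unsigned sample tokens for the demo (fake signature segment).
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'none', typ: 'JWT' }) + '.' + enc(claims) + '.sig';
}

const NOW = 1700000000; // fixed clock so the demo is deterministic
const idTokenLike = makeSampleToken({ aud: '00000000-0000-0000-0000-000000000000', exp: NOW + 3600 });
const armToken = makeSampleToken({ aud: ARM_RESOURCE, exp: NOW + 3600 });
console.log(checkTokenForResource(idTokenLike, ARM_RESOURCE, NOW).problems);
console.log(checkTokenForResource(armToken, ARM_RESOURCE, NOW).ok);
```

The first sample stands in for an id_token, whose audience is the client application rather than the API, which is why it fails the check.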