3
votes

I wanted to generate an Azure token from Postman for API authorization in my project. I am able to generate a token using the API request below, but I get the error message "Authorization denied for this request" when using the generated token in another API request.

Endpoint

https://login.microsoftonline.com/:tenant_id/oauth2/token 

Params

tenant_id:As per id generation by azure.

Body (Form-data)

grant_type:client_credentials
client_id:As per id generation by azure.
client_secret:As per id generation by azure.
resource:Required URL

Response

    {
        "token_type": "Bearer",
        "expires_in": "foo",
        "ext_expires_in": "foo",
        "expires_on": "foo",
        "not_before": "foo",
        "resource": "foo",
        "access_token": "foo"
    }

Since the token returned above is not accepted, I also passed the username and password in the body of the request, but ended up with the same results. Also, Azure did not consider my credentials even when they are wrong.

Could you please assist with what else I need to send in the response to get a valid token id?

2
See the updated answer and do exactly as I have shown. You will definitely get a token. Let me know if you have any more concerns. - Md Farid Uddin Kiron
I applied it as per your direction and am getting the token successfully, but the problem is that the generated token is not accepted as a valid token when passed to another API for authentication purposes. - Learner
Where are you passing this? Which resource are you trying to access? Show the URL. - Md Farid Uddin Kiron
POST >>> login.microsoftonline.com/<<My tenant name>>.microsoft.com/oauth2/token. Sending these in the body (Grant type, clientid, client_secret and resource). - Learner
This is the token endpoint. After getting the token, where are you passing it? Not this URL. - Md Farid Uddin Kiron

2 Answers

3
votes

The valid format for the client_credentials authentication flow is as below:

Azure Portal Credentials For App Id and Tenant Id:

Application Secret from Portal:

Token Endpoint Or URL:

https://login.microsoftonline.com/YourTenantName.onmicrosoft.com/oauth2/token

Request Param:

grant_type:client_credentials
client_id:b603c7be_Your_App_ID_e6921e61f925
client_secret:Vxf1Sl_Your_App_Secret_2XDSeZ8wL/Yp8ns4sc=
resource:https://graph.microsoft.com 

PostMan Sample:

Token On Response:

Expose Your Own API:

When you want to authorize your own API, you have to add it here, so that your token will contain this permission and this API can be accessed. Refer to this doc.

For more clarity, you could refer to the official docs.
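
On the v1 token endpoint, the `resource` value sent in the token request becomes the token's `aud` claim, and application permissions granted to the app appear in `roles`; an API that validates a different audience will reject an otherwise valid token. The following is an added diagnostic example, not part of the original answers: it decodes the claims without verifying the signature, and `api://example-api`, `Products.Read` and the sample token are constructed placeholders.

```python
import base64
import json

def decode_claims(token):
    """Return the JWT payload as a dict. No signature check: diagnosis only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def token_problems(token, expected_audience, required_role=None):
    """List reasons the receiving API would likely reject this token."""
    claims = decode_claims(token)
    problems = []
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    # Exact match: assumed here to be how the receiving API compares audiences.
    if expected_audience not in audiences:
        problems.append(f"aud={aud!r} but the API expects {expected_audience!r}")
    # App-only (client_credentials) tokens carry application permissions in "roles".
    if required_role and required_role not in claims.get("roles", []):
        problems.append(f"missing role {required_role!r}")
    return problems

def make_sample_token(claims):
    """Build an unsigned, constructed token for the demo (not a real Azure token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])

if __name__ == "__main__":
    # Constructed claims: a token requested with resource=https://graph.microsoft.com
    graph_token = make_sample_token({"aud": "https://graph.microsoft.com"})
    # Hypothetical API that expects its own App ID URI and an app role.
    for problem in token_problems(graph_token, "api://example-api", "Products.Read"):
        print("PROBLEM:", problem)
```

Run it locally on the `access_token` value Postman returns; the token is a bearer credential, so keep it out of third-party decoding sites.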

0
votes

You should try adding the "X-ZUMO-AUTH" header to your request when using the generated token.

GET https://<appname>.azurewebsites.net/api/products/1
X-ZUMO-AUTH: <authenticationToken_value>

https://docs.microsoft.com/en-us/azure/app-service/app-service-authentication-how-to