I have a Flutter mobile app that needs to authenticate and access Azure functions defined behind Azure API Management. I have configured and tested it with Authorization Code grant and it works OK (used this article to guide me). Now I want to see if the Resource Owner Password grant would work and I cannot get it to work (basically the same as described in the mentioned article but for Resource Owner Password grant). I have reconfigured the API Management OAuth2 setup like this:
I have also configured the mobile client (under Default Directory - App Registrations -> my mobile app client -> Supported Account Types) as a public client to allow Resource Owner Password Credential (ROPC) flow (not sure if this is required).
When I execute the authentication (i.e. hit the token endpoint passing password grant_type, client_id, user password, user id and scopes) I get the following error back (note that I am on Default Directory free trial, if it makes a difference):
OAuth authorization error (invalid_request): AADSTS90002: Tenant '' not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.
But the token endpoint URI I am using contains my proper tenant ID and if I do the Authentication Code flow using the same tenant IDs in authorize and token endpoint URIs, all works fine.
Not sure what other information to provide for better diagnosis so ask away.
