Microsoft Graph Api ROPC - AADSTS65001 [英] Microsoft Graph Api ROPC - AADSTS65001

问题描述

我有与 MS Garaph Api 通信的 ASP.NET 核心 Web api.我已经实施了 然后使用

I have asp.net core web api which is talking to MS Garaph Api.I have Implemented ROPC using service account to talk to onedrive. I have created the MS graph Api app in MS Portal 2 years back using the same service account. The the portal is obsolete now and the App is moved to Azure Portal. But i can get the Bearer token using ROPC and consuming Graph api and its working good.

Now i tried to mimic the same, i have created a new app in azure portal with same credentials and similar Metadata.The service account user type is member in azure Portal. I am getting the following error for the new App

"error": "invalid_grant", "error_description": "AADSTS65001: The user or administrator has not consented to use the application with ID

any ideas would be appreciated.

Thanks in advance
Subbiah K

解决方案

First, you need to be the administrator of the tenant (if you are not a tenant administrator, you cannot give the administrator permission), you can set up user roles according to here process.

Then follow this process to grant administrator consent to the app:

1.Log in to https://portal.azure.com as a tenant administrator.

2.Open the registration of your application in the following location.

3.Go to settings and then the required permissions.

4.Press the grant permission button.

In the Azure portal, I registered the application for testing and used User.Read permission to demonstrate:

Then use the ROPC flow in postman to get the access token:

这篇关于Microsoft Graph Api ROPC - AADSTS65001的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！