为什么“获取用户访问"令牌会引发invalid_grant错误? [英] Why does Get User Access token throws invalid_grant error?
问题描述
我正在使用 Microsoft Graph Postman Collections 从内部测试常见的Microsoft Graph API邮差.但是,我在尝试获取用户访问令牌
I am using Microsoft Graph Postman Collections to test common Microsoft Graph APIs from within Postman. However, I am stuck while trying to fetch user access token
以下是请求
POST /7c69806f-5754-488f-9dd8-7daa8afea4fd/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
SdkVersion: postman-graph/v1.0
cache-control: no-cache
Postman-Token: ac512133-5afe-47a3-ae9b-3b6c0b510ebd
grant_type=passwordclient_id=ebbe4872-5b7187-de6d6ddf7301client_secret=g99p8DWoxdUPY-%3F%40%5Bv7kt2g4BMxGscope=https%3A%2F%2Fgraph.microsoft.com%2F.defaultuserName=rohitdhamijagmail.onmicrosoft.compassword=Zcost%4080
在尝试获取用户访问令牌" POST API时,出现以下错误:
On trying "Fetch user access token" POST API, I get following error:
{
"error": "invalid_grant",
"error_description": "AADSTS50034: The user account rohitdhamijagmail.onmicrosoft.com does not exist in the 7c69806f-5754-488f-9dd8-7daa8afea4fd directory. To sign into this application, the account must be added to the directory.\r\nTrace ID: c0e97dd8-053d-4c99-81e4-354d7ae7d500\r\nCorrelation ID: 7e67450e-3054-48bc-b808-2f6277093dac\r\nTimestamp: 2020-03-03 09:38:09Z",
"error_codes": [
50034
],
"timestamp": "2020-03-03 09:38:09Z",
"trace_id": "c0e97dd8-053d-4c99-81e4-354d7ae7d500",
"correlation_id": "7e67450e-3054-48bc-b808-2f6277093dac",
"error_uri": "https://login.microsoftonline.com/error?code=50034"
}
该用户帐户确实显示在Azure中的我的租户下,下面是附加的图像
The user account does show under my tenant in Azure , below is the image attached
可能是什么问题? 注意:由于我可以使用其他API(例如获取用户信息"等),因此我已经正确配置了全局环境.
What can be the issue? Note: I have configured the global environments properly, since I am able to use other API's like Get User info etc.
推荐答案
您的请求应像这样.
https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/v2.0/token
client_id:b603c7be_Client_id_e61f925
scope:https://graph.microsoft.com/.default
client_secret:NpmwO/KDJ_client_secret:NpmwO_W0kWf1SbnL
username:tenentUser.onmicrosoft.com
password:YourUserPassword
grant_type:password
查看屏幕截图:
我正在按预期方式获得令牌
I am getting token as expected
Step: 1
Step: 2
Step: 3
Note:
- 确保您的用户属于您租户上的azure门户
- 您的客户ID属于该租户
- 应用程序密码有效或未过期.
- Make sure your user belong to azure portal on your tenant
- Your Client Id belongs to that tenant
- Application secret is valid or not expired.
Update: How to get Tenant Id
有关更多信息,您可以参考官方文档
For more information you could refer Official document
希望会有所帮助.
这篇关于为什么“获取用户访问"令牌会引发invalid_grant错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!