How to specify Resource URI when acquiring access token for Azure AD V2 endpoint?


In Azure AD v2.0 you need to use scopes, not resources.

If you have a resource, and want to get a token for all the permissions, you can use: https://myresource.com/.default.

You can also be more fine-grained; more information is available from https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Adal-to-Msal#scopes-for-a-v10-application (this is in C#, but the translation is straightforward).
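
The answer's advice as an added JavaScript example (not part of the original answer or of MSAL.js): it builds v2 scopes from a v1 resource URI, keeping any trailing slash, and checks the `aud` claim of a returned token. The helper names and the sample token are constructed here, and the check assumes the API expects `aud` to equal the resource URI, as the question describes.

```javascript
// Added example. toV2Scopes, audienceOf, audienceMatches and makeSampleToken
// are hypothetical helpers, not MSAL.js APIs.

// Map a v1-style resource URI to v2 scope strings. The resource is used
// verbatim: a trailing slash belongs to the identifier, so "https://host/"
// becomes "https://host//.default" (double slash is intentional).
function toV2Scopes(resourceUri, permissions = []) {
  if (typeof resourceUri !== "string" || resourceUri.trim() === "") {
    throw new TypeError("resourceUri must be a non-empty string");
  }
  if (permissions.length === 0) return [resourceUri + "/.default"];
  return permissions.map((name) => {
    if (typeof name !== "string" || !/^[^\s\/]+$/.test(name)) {
      throw new TypeError("invalid permission name: " + JSON.stringify(name));
    }
    return resourceUri + "/" + name;
  });
}

// Read the aud claim of a compact JWT WITHOUT verifying it. Client-side
// diagnostic only; the API still validates signature, issuer and expiry.
function audienceOf(accessToken) {
  const parts = String(accessToken).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const claims = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  return [].concat(claims.aud ?? []); // aud may be a string or an array
}

function audienceMatches(accessToken, expectedResource) {
  return audienceOf(accessToken).includes(expectedResource);
}

// Constructed token for offline use: real header/payload shape, placeholder signature.
function makeSampleToken(aud) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return [enc({ alg: "RS256", typ: "JWT" }), enc({ aud }), "constructed-sig"].join(".");
}

const resource = "https://myresource.com";
const scopes = toV2Scopes(resource); // ["https://myresource.com/.default"]
// With the page's MSAL.js instance: msalapp.acquireTokenSilent(scopes)
console.log(scopes, audienceMatches(makeSampleToken(resource), resource));
```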

Author: Sat Thiru

Updated on June 04, 2022

Comments

  • Sat Thiru
    Sat Thiru almost 2 years

    I have used ADAL.js in a previous project which supported only work accounts and am able to successfully acquire idtokens and then accesstokens to an API (ResourceURI: "https://myresource.com"). Works fine.

    Now, I am trying to use MSAL.js for another project because there I need to support both work accounts (aad auth) and personal "Microsoft Accounts" (MSA). I am running into problems now trying to do the same thing as in my ADAL project.

    The concept of "Resource" has seemingly vanished from AAD V2. So how does one specify the Resource url when acquiring an access token to the target API? So that the resulting accesstoken contains the ResourceURI in the AUD claim (which will be enforced by the API I am calling).

    If I force add the Resource querystring parameter, thusly:

    msalapp.acquireTokenSilent([], null, null, "resource=https%3A%2F%2Fmyresource.com")

    I get the following error:

    AADSTS901002: The 'resource' request parameter is not supported.

    Documentation says to use SCOPE instead. But using:

    msalapp.acquireTokenSilent(['https://myresource.com'])

    results in:

    AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://myresource.com openid profile is not valid. The scope format is invalid. Scope must be in a valid URI form <https://example/scope> or a valid Guid <guid/scope>..

    So: how do I specify the Resource URI when acquiring the access tokens when working with the v2 endpoint via MSAL.js? Sorry the (usually pretty good) MSDN articles are not useful at all in this case...

  • Sat Thiru
    Sat Thiru over 5 years
    cool, thanks! I just stumbled on a great MSDN article docs.microsoft.com/en-us/azure/active-directory/develop/… which has a section titled "Scopes, not resources"!!! that explains this in detail. Once again, I bow to the MSDN gods :). The /.default is a nice little find, thanks for that @Jean-Marc!