Invalid request. Request is malformed or invalid. While getting Access Token From Azure
Solution 1
I got the same issue, and finally figure out that my problem is that the code returned after authorization in the redirect uri is actually something like www.yourredirecturl.com/?code=....§ion_state=....
So copy the whole thing after ?code=
simple include the §ion_state
and make the code
incorrect. Hope this resolve your problem.
Solution 2
If I am not wrong you are trying to get get token using OAuth 2.0 code grant flow
.
For this code flow there are two steps:
- Request an authorization code
- With this authorization code need request token
Get authorization code
You paste following code either in browser or post man. In postman do it like below:
https://login.microsoftonline.com/YourTennatId.onmicrosoft.com/oauth2/authorize?client_id=YourClentId&response_type=code&redirect_uri=https://www.getpostman.com/oauth2/callback&response_mode=query&scope=offline_access%20user.read%20mail.read
Once you got the authorization code , copy it for next step.
Use the authorization code to request an access token:
Token Request Endpoint: https://login.microsoftonline.com/YourTenantId/oauth2/token
client_id:YourClientId
scope:https://graph.microsoft.com/User.ReadWrite.All
redirect_uri:https://www.getpostman.com/oauth2/callback
grant_type:authorization_code
client_secret:YourAppsSecret
code:Paste Your Code Here
Post Man Format:
Hope this will resolve your problem.
Anand Deshmukh
Updated on June 13, 2022Comments
-
Anand Deshmukh almost 2 years
I am trying to Get access token from Azure AD. For that I have performed below Steps
1) Created an Enterprise application on Azure Active Directory
2) I am able to get the Access token using Authorisation --->> 'Get New Access token'
3) Hit the 'POST' request for
https://login.microsoftonline.com/<Application ID>/oauth2/token
URLHave Configured below for POST Body
ClientID is ApplicationID from Application created at 1st step
Code is Also ApplicationID from Application created at 1st step
Not sure if I have configured it correctly
4) Using Same access code when I try to send an Request I am getting below error response
`{ "error": "invalid_grant", "error_description": "AADSTS9002313: Invalid request. Request is malformed or invalid.\r\nTrace ID: 60b8fb68-40d5-43da-9b7b-36de021c2900\r\nCorrelation ID: 90ed2f2c-1ac8-4044-8742-493a3fce51be\r\nTimestamp: 2019-07-03 12:42:32Z", "error_codes": [ 9002313 ], "timestamp": "2019-07-03 12:42:32Z", "trace_id": "60b8fb68-40d5-43da-9b7b-36de021c2900", "correlation_id": "90ed2f2c-1ac8-4044-8742-493a3fce51be" }
Please let me know where I am wrong or something needs to be changed.
-
Anand Deshmukh almost 5 yearsDo I need active subscriptions in azure while making making above call for authorization code ? I am doing this proof of concept before actual implementation in my code. ??
-
Abraham Linkon almost 5 yearsYeah you need that. In that case may not get token.
-
djdance over 2 yearslet code=location.search.split('code=')[1]; code=code.split('&')[0]; //add this