For daemon applications, general recommendation is to use OAuth2.0 Client Credentials grant flow which do not require immediate interaction with the user.
Steps to get the access token for OAuth2.0 for daemon applications as:
- Register your application in your Azure Active Directory tenant.
- In the Certificates & secrets page, in the Client secrets section, choose New client secret and create key and save the value(This key value will not be displayed again).
- In API permissions, select the Application permissions from Microsoft Graph and select right permission needed for application.
- Configure the project with client Id, Tenant Id and Client Secret in configuration file of project.
- Send the post request to https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token endpoint with below request to get the access token.
grant_type = client_credentials
scope = https://graph.microsoft.com/.default
client_secret = secretValue(saved earlier) - Now that you've acquired a token, use that access token(refresh token) to make requests to the resource.
Reference doc:
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow