question

Dannykr-0201 avatar image
0 Votes"
Dannykr-0201 asked ZZHOU317878315 published

API response ERROR - AADSTS700009: 'redirect_uri' must be provided when presenting an authorization code requested with a 'redirect_uri'

Hello,

The api was working before and not I get this error while trying to get an access token.

First I reach to this URL

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=<CLIENT ID>&response_type=code&scope=offline_access openid https://outlook.office.com/User.Read&redirect_uri=<MY RETURN URI>&state=office365

Then I get the token and make this call in order to get the access token (POST request):

URL
https://login.microsoftonline.com/common/oauth2/v2.0/token


Array
(
[client_id] => <MY CLIENT ID>
[client_secret] => <MY SECRET ID>
[code] => <CODE FROM PREV REQUEST>
[grant_type] => authorization_code
[scope] => offline_access openid https://outlook.office.com/User.Read
)

Then I get this response:

Array
(
[error] => invalid_grant
[error_description] => AADSTS700009: 'redirect_uri' must be provided when presenting an authorization code requested with a 'redirect_uri'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2021-01-04 18:20:59Z
[error_codes] => Array
(
[0] => 700009
)

 [timestamp] => 2021-01-04 18:20:59Z
 [trace_id] => <trace_id>
 [correlation_id] => <correlation_id>

)


The URL in my application account is identical to the <MY RETURN URI>.

What can be the issue?

Thanks.

azure-active-directoryazure-webapps-apis
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

soumi-MSFT avatar image
0 Votes"
soumi-MSFT answered

Hello @Dannykr-0201, thank you for reaching out. Can you please try to use the following requests once?

Request to /authorize endpoint: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=<client_id>&response_type=code&redirect_uri=<redirect_uri>&response_mode=fragment&scope=openid%20offline_access%20https%3A%2F%2Foutlook.office.com%2Fuser.read&state=12345

Request to /token endpoint: https://login.microsoftonline.com/common/oauth2/v2.0/token
53425-authcodeflow.png

These requests are pretty similar to yours just that it has little change in them.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.




authcodeflow.png (32.7 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Dannykr-0201 avatar image
0 Votes"
Dannykr-0201 answered

Hello @soumi-MSFT thank you for your response,

Unfortunately adding the "response_mode=fragment" to the URL didn't make a difference.

Please note that I do get a resonse and a "code" string from the first request, the issue is within the second request where I need to get the "access_token".

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ZZHOU317878315 avatar image
0 Votes"
ZZHOU317878315 answered ZZHOU317878315 published

I have unchecked(removed) the redirect_uri for getting authorization code, and it works fine to get the Access Token...

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.