question

Kglay-2745 avatar image
0 Votes"
Kglay-2745 asked JamesTran-MSFT commented

AzureAD Authorization Code Issue

Hello, currently I'm developing Web Portal using AzureAD + Outsystems ( with Microsoft Login Connector Forge ).
But my 1st step is to get Code + State. So i'm trying to paste the url in browser first. But seems like the return code is incorrect and cannot use in my Forge ( lib ) also. Pls correct me if i am wrong. Thanks all.
My ref link : https://github.com/uglide/azure-content/blob/master/articles/active-directory/active-directory-protocols-oauth-code.md

Here's my request url :


 https://login.microsoftonline.com/3bb279cb-438f-477f-9362-db56c20e9167/oauth2/authorize?
 client_id=c748cb13-fe35-496b-9a9d-199bdb60e117
 &response_type=code
 &redirect_uri=https://phyo.outsystemscloud.com/MicrosoftLoginConnector/Callback.aspx
 &response_mode=query
 &state=12345

Here's the response url :

 https://phyo.outsystemscloud.com/MicrosoftLoginConnector/Callback.aspx?code=0.AAAAy3myO49Df0eTYttWwg6RZxPLSMc1_mtJmp0Zm9tg4RdwANQ.AQABAAIAAAD--DLA3VO7QrddgJg7WevrvYwT2T7rxFlhM-vrm1ESZwY_cMDqUOiG4bYQH1GRf1RpTKyBQrBWYWJ7rXIGwiOSgXHxV0ZSQ8aYT5JJCdmMbPexjPWpYLWopkNz1L2QH00E8WXHoAE0i_s4cZcfi2nPytIqzDkTuZ41jT4TSelRDP1LnAM_RmyAT_cWxe4jXdroXa11z3iNJpOMkrFkqXVaSF-xt1seAZQIKwrSlwb5sJNh3If6-DXgjtUoesrkm3KiyFawcfNEJUI0q4tsp0CHwmIJCFcjNrps6ImVOT6nHReZlVVxQ9IWp1W83VjMCsqfngzePoy-rZhwZx0SekwjBPXHGjTGrR8nuf5O2OJETs0Mo3mGLQFAoCo13x6PbWUPMJWz1NgT0na24a_mlX3WzzYwc4ashkfN92g1Jt63lcr2nJMPuPkJw4__TwndFjCizpDJkIQyUtQMGfGc31WG_-4Y3IOjMgE6AyRlD_CzE2UCNU4d3ZzH31DgWT74q_0FFLZ4y8SQ375ChdPDwQ29BNPgxMeyprY84JFM872m7zX6a1mmiTUPWIgIKrRg06CiYBYVBloen0vcp8vtwCuFcq3NcsbwR8XYeNTDGmK-oC1pBkxOp0MP7BJIIoLgeLyIMJDXPBEZGSwIzwQGNG-elToQUrIVi4BkgLvU_rObcAPqq4zWSq5SfcXC3loDX9MfLcg3QX8rXC4zAzdEfqWTassDPv64zcZ9schcfPjrlfFnCx8FxfRQz5IJnPWvIlywc9CpIOzPilXROqDBWnMPYiHihoXDS-yPDtkOR58zH3G8V7EgU6T0gc2FMUV4v4s6QKV-g_G2PV7SXu48WiloahAx--UOIoV3THEM3Ty3xiR93UTGz7sTvFxzXr3bqkWZ-K9WXNPLAixCaOzlorXJyRR2wmE_yb9cA4gzkMPTMzBsfWa8lxTGD8rD3s8sqy3eeO2mvmmjG2LVlNbQCEu73vaPE9JyojRzv1AfrrOPxRpgXu3DoBkTdMn6IlS927ZM59ZwFSRsQP3Dqzu0XI8XfYjd-_B2LZhtsEz0AkDP35ye-XaraPG552lwG-c89q2QfOzI7jRQUf1LoikA9r_3bOnI-43EQiP3tTaELHukcO7omSSXf76kf1YSX1SILKWlr7fa-OixqfGFLtju-devOGpLN42-Ed14b3vjUrbfrarnwYs1kZqeAOcgoBHc4kmQa9m3Z0qO3Aj9XVTBTR1dUkYcf64VlGP-Nw_81FSyhNcDQIk5yflIixx30adFez0vykte-Xz9N0tMA__CPI0_IAA&state=12345&session_state=b47cfd3b-9f48-460c-99ff-19b791f21a79#





azure-ad-authentication
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

soumi-MSFT avatar image
0 Votes"
soumi-MSFT answered JamesTran-MSFT commented

Hello @Kglay-2745, thank you for reaching out. The Authorization Code Grant flow has the following steps involved.

  1. Fetch a code from the /authorize endpoint of AAD.

  2. Once you have the code, then you make a call to the /token endpoint of AAD to fetch the access-token

  3. Once you have the access-token, that's when you send the access-token to the AAD protected resource and get yourself authorized by the resource and gain access to it.


If you check the GitHub article, it speaks the same steps in more detail: https://github.com/uglide/azure-content/blob/master/articles/active-directory/active-directory-protocols-oauth-code.md

An AAD protected resource is only concerned about the access-token, which is in JWT format and that can be decoded and an access-token contains the permissions and other claims that would be used by the AAD protected app. Hence, the code that you are trying to use directly with the AAD protected resource (Outsystems) is erroring out.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@Kglay-2745
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 Votes 0 ·