question

julienderoche-8922 avatar image
0 Votes"
julienderoche-8922 asked amanpreetsingh-msft commented

Unable to get a delegated access token with Postman

Hello the team,

I'm trying to configure Postman with the documentation provided by microsoft https://docs.microsoft.com/en-us/graph/use-postman.

I have an issue to get a delegated access token. I don't see what i've done wrong, i have the good rights.

I have this error message:

https://oauth.pstmn.io/v1/browser-callback?error=access_denied&error_description=AADSTS650057%3a+Invalid+resource.+The+client+has+requested+access+to+a+resource+which+is+not+listed+in+the+requested+permissions+in+the+client%27s+application+registration.+Client+app+ID%3a+5c74ce24-02bb-416b-934d-7f1cfa25a981(Postman).+Resource+value+from+request%3a+https%3a%2f%2fapi.manage.microsoft.com%2f.+Resource+app+ID%3a+c161e42e-d4df-4a3d-9b42-e7a3c31f59d4.+List+of+valid+resources+from+app+registration%3a+00000003-0000-0000-c000-000000000000.%0d%0aTrace+ID%3a+a8951586-8558-458d-b49d-465005024d00%0d%0aCorrelation+ID%3a+c2183598-649a-4c63-8d8d-23f95a7bea9d%0d%0aTimestamp%3a+2021-07-15+07%3a32%3a29Z#

On Step 5 i'm not asked to fill out the differents informations (ClientID, Client Secret etc). I did it anyway and i'm just able to sign in but i have an access issue...

Thanks for your help.

Regards

azure-ad-app-registration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @julienderoche-8922 · Thank you for reaching out.

By looking at the error, I can see that you are requesting a token for the resource https://api.manage.microsoft.com/, which is Microsoft Intune. However, the application (5c74ce24-02bb-416b-934d-7f1cfa25a981), does NOT include any delegated permissions for Intune.

Under API permissions blade of the application, you need to add required delegated permissions available under Microsoft Intune. Please refer to below steps:

115009-image.png

Once above steps are performed, you should be able to acquire token using Postman. Make sure that you either use exact scope name e.g., https://api.manage.microsoft.com/get_data_warehouse or https://api.manage.microsoft.com/.default while requesting for token.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


image.png (62.3 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Amanpreetsingh,

It's ok now i found my answer here https://docs.microsoft.com/en-us/answers/questions/370508/getting-34invalid-client-secret-is-provided34-erro.html and once again thank to you

Regards

0 Votes 0 ·

Hi @julienderoche-8922 · Glad to hear that. Please Accept the answer to help others in the community facing similar issue.

0 Votes 0 ·
julienderoche-8922 avatar image
0 Votes"
julienderoche-8922 answered

Hi Amanpreetsingh,

Thanks for your help, however i have a new error

"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: b9210e60-2a0e-46fe-b6bf-53b82d120700\r\nCorrelation ID: d08ef03c-a465-47f6-8fd1-67784b817459\r\nTimestamp: 2021-07-16 08:16:56Z","error_codes":[7000215],"timestamp":"2021-07-16 08:16:56Z","trace_id":"b9210e60-2a0e-46fe-b6bf-53b82d120700","correlation_id":"d08ef03c-a465-47f6-8fd1-67784b817459","error_uri":"https://login.microsoftonline.com/error?code=7000215"}

I don't understand because it's the good one.... maybe the scope is not the good one, i put https://api.manage.microsoft.com/.default

Thanks for your help

Regards

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.