3.2.5.2.1.1 Request Body

The format of the request is defined in [RFC6749] sections 4.1.3 (Access Token Request) and 6 (Refreshing an Access Token), and in [IETFDRAFT-DEVICEFLOW-11] section 3.4 (Device Access Token Request).

In addition to the POST body parameters described in [RFC6749] section 4.1.3 and [IETFDRAFT-DEVICEFLOW-11] section 3.4, the OAuth 2.0 client can choose to send the following additional parameters:

requested_token_use: OPTIONAL. See sections 2.2.3 and 2.2.3.1.

assertion: OPTIONAL. See sections 2.2.3 and 2.2.3.2.

resource: OPTIONAL. See sections 2.2.3 and 2.2.3.3.1.

use_windows_client_authentication: OPTIONAL. See sections 2.2.3 and 2.2.3.4.

csr: OPTIONAL. See sections 2.2.3 and 2.2.3.5.

csr_type: OPTIONAL. See sections 2.2.3 and 2.2.3.6.

tbidv2: OPTIONAL. See [IETFDRAFT-TOKBINDPROT].

Note: If the request is an OAuth device flow request [IETFDRAFT-DEVICEFLOW-11], the AD FS server accepts the following alternatives for the parameters defined in [IETFDRAFT-DEVICEFLOW-11] section 3.4:

  • The grant_type parameter can be set to "device_code".

  • The AD FS server will accept the presence of either the device_code parameter or the code parameter (or both). The code parameter has the same semantic meaning as device_code. If both parameters are present, the values MUST be the same.