Microsoft graph API: Unable to fetch users with the generated access token

Question

I have registered the application in Azure portal and i have generated the client_secret. I require the client grant flow and i have given application permissions also. I have g

Answer 1

When using the OAuth 2.0 Client Credentials Grant flow, your scope value should use the built-in .default scope for the resource your are trying to access. This is mentioned in the reference article: Microsoft identity platform and the OAuth 2.0 client credentials flow

In your case, the resource you are trying to access is Microsoft Graph, so your scope value in the token request should be https://graph.microsoft.com/.default:

https://login.microsoftonline.com/{tenant-id-or-domain}/oauth2/v2.0/token
    &grant_type=client_credentials
    &client_id={client-id}
    &client_secret={client-secret}
    &scope=https%3a%2f%2fgraph.microsoft.com%2f.default

Note that for this to succeed, the app's required permissions must be configured (Azure portal > Azure Active Directory > App registrations > API permissions) and granted: