问题
I have asp.net core web api which is talking to MS Garaph Api.I have Implemented ROPC using service account to talk to onedrive. I have created the MS graph Api app in MS Portal 2 years back using the same service account. The the portal is obsolete now and the App is moved to Azure Portal. But i can get the Bearer token using ROPC and consuming Graph api and its working good.
Now i tried to mimic the same, i have created a new app in azure portal with same credentials and similar Metadata.The service account user type is member in azure Portal. I am getting the following error for the new App
"error": "invalid_grant", "error_description": "AADSTS65001: The user or administrator has not consented to use the application with ID
any ideas would be appreciated.
Thanks in advance
Subbiah K
回答1:
First, you need to be the administrator of the tenant (if you are not a tenant administrator, you cannot give the administrator permission), you can set up user roles according to here process.
Then follow this process to grant administrator consent to the app:
1.Log in to https://portal.azure.com as a tenant administrator.
2.Open the registration of your application in the following location.
3.Go to settings and then the required permissions.
4.Press the grant permission button.
In the Azure portal, I registered the application for testing and used User.Read permission to demonstrate:
Then use the ROPC flow in postman to get the access token:
来源:https://stackoverflow.com/questions/62957977/microsoft-graph-api-ropc-aadsts65001