Azure/azure-workload-identity

Add an example to the quickstart for acquiring a token using the client credentials grant with federated credentials

colinrippeyfinarne opened this issue · 1 comments

I am trying to test out as much of a standalone scenario of acquiring a token from a federated credential using the low-level client credentials grant as documented here:

https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow#third-case-access-token-request-with-a-federated-credential

I have used the quickstart documentation to get my discovery document and JWKS generated and uploaded to an Azure storage account using the manual steps and the azwi tool.

I want to next use the client credentials grant flow to test if my token gets returned by executing some very basic steps. It would be great if the docs had an example of doing the following:

  1. generate the keys using openssl
  2. generate the SSL cert from the keys that is used in the client assertion
  3. generate the client assertion (this is the key step, I think: how to make sure this "maps" to the correct entry in the JWKS doc)
  4. call the Entra ID token endpoint using the client credentials grant flow

I think the issue I am running into is I am unclear how to construct the JWKS document so that it will match the contents of the client assertion I need to post to the Entra ID token endpoint.
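
An added example, not part of the original issue or the project's documentation: it shows how a client assertion and a JWKS entry line up, by signing an RS256 JWT and then resolving its key the way a relying party would (header `kid` to JWKS entry to signature check). It stops before the token endpoint call. Assumptions: Node.js built-in `crypto` with an in-process key pair standing in for the openssl-generated one, the RFC 7638 thumbprint used as `kid`, placeholder issuer and subject, and function names that are this example's own.

```javascript
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// JWKS entry for an RSA public key. The kid is the RFC 7638 thumbprint (assumed convention).
function toJwk(publicKey) {
  const { n, e } = publicKey.export({ format: 'jwk' });
  const thumbprintInput = `{"e":"${e}","kty":"RSA","n":"${n}"}`;
  const kid = b64url(crypto.createHash('sha256').update(thumbprintInput).digest());
  return { kty: 'RSA', use: 'sig', alg: 'RS256', kid, n, e };
}

// RS256 assertion; the kid in its header is the only link to the JWKS entry.
function signAssertion(privateKey, kid, { iss, sub, now }) {
  const header = { alg: 'RS256', typ: 'JWT', kid };
  const claims = { iss, sub, aud: 'api://AzureADTokenExchange', iat: now, nbf: now, exp: now + 600 };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const signature = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64url(signature)}`;
}

// Relying-party view: header kid -> JWKS entry -> signature check over header.payload.
function verifyAgainstJwks(jwks, token) {
  const [header, payload, signature, ...rest] = token.split('.');
  if (!signature || rest.length) throw new Error('malformed token');
  const { kid } = JSON.parse(Buffer.from(header, 'base64url').toString());
  const jwk = jwks.keys.find((k) => k.kid === kid);
  if (!jwk) throw new Error(`no JWKS entry with kid ${kid}`);
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  return crypto.verify('RSA-SHA256', Buffer.from(`${header}.${payload}`), key,
    Buffer.from(signature, 'base64url'));
}

// Constructed demo values: fresh key pair, placeholder issuer and subject.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwks = { keys: [toJwk(publicKey)] };
  const token = signAssertion(privateKey, jwks.keys[0].kid,
    { iss: 'https://issuer.example/', sub: 'example-subject', now: 1700000000 });
  return { jwks, token, ok: verifyAgainstJwks(jwks, token) };
}

console.log(demo().ok);
```

A JWKS entry that carries the right `kid` but another key's `n` is found by the lookup and then fails the signature check, so both the label and the key material have to match.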