pplu/azure-ad-auth

Always getting unauthorized when trying to connect to my tenant

alaurie opened this issue · 2 comments

Have you been manually setting up permissions in Azure AD for the app? I created a new app registration in the Microsoft app portal, created the secret ID, app ID, etc. Set up what permissions the app will require. But when connecting and getting a token I always get unauthorized when trying to connect to my tenant. If I try device login I just receive a portal login error in the browser about admin consent.

Any pointers would be appreciated.

pplu commented

Things to take into account (in my experience, which is basically from trying with the Azure Management APIs):

  • First you create the app registration in Azure AD, and you give it permissions for using an API (Azure Management APIs, for example). Giving an app permission to use an API in Azure AD doesn't really give it any permissions.
  • Then you go to Azure and you give the app specific permissions for whatever it can do (what resources it can access)

Also it's very important to get the resource_id URL right. Each API (MS Graph, Azure, etc.) has its own resource ID. I had an episode where an extra slash was impeding authentication.

Try to get https://github.com/pplu/azure-ad-auth/blob/master/examples/device_login.pl working.

Hope it helps 😄

P.S.: please send some feedback about what you're doing, and if you finally got it to work.

pplu commented

Hi,
Did you get it to work for you?