OAuth 2.0 and Azure Active Directory - AADSTS90009 Error

Question

OAuth 2.0 and Azure Active Directory - AADSTS90009 Error

I am trying to allow access to our web application using OAuth 2.0 and Azure AD. The manual is here .

The user is redirected to a similar URL:

https://login.microsoftonline.com/common/oauth2/authorize? client_id=d220846b-1916-48d2-888b-9e16f6d9848b& response_type=code& response_mode=query& state=[secure-random]& redirect_uri=[my_uri]& resource=[my app ID uri taken from app settings]

I get the following error:

AADSTS90009: The application 'd220846b-1916-48d2-888b-9e16f6d9848b' is requesting a token for itself. This scenario is only supported if the resource is specified using a GUID-based application identifier.

This description does not really help me. I checked this thread , but I'm still lost.

What does this error mean and which is a GUID-based application identifier? What should the value of the resource look like? Thank you very much.

+5

oauth-2.0 azure azure-active-directory

Lachezar balev Feb 02 '17 at 15:46

source share

1 answer

Daniel Dobalian · Accepted Answer · 2017-02-02T17:48:04+0000

This error indicates that the field that you specified in the resource parameter is requesting tokens for itself. In case you want to get a token for the application specified in client_id, then you should pass client_id in the resource field, and not in the application identifier URI. At this point, you will receive an access token for yourself.

Alternatively, you can provide the URI of the application ID of the registered web API or other resource with areas for receiving tokens for this resource (Microsoft Graph, Office API, etc.).

OAuth 2.0 and Azure Active Directory - AADSTS90009 Error

More articles: