MS Graph Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. while getting refresh toekn

huangapple go评论79阅读模式
英文:

MS Graph Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. while getting refresh toekn

问题

我正在尝试从Javascript获取MS Graph API的访问令牌和刷新令牌。
在从以下API获取Authcode时运行正常:
https://login.microsoftonline.com/{TenetID}/oauth2/v2.0/authorize
但是当尝试从以下API获取刷新令牌和访问令牌时:
https://login.microsoftonline.com/{TenetID}/oauth2/v2.0/token

但是始终收到以下错误消息:
跨源令牌赎回仅允许“单页应用程序”客户端类型。获取刷新令牌时

我已经在Azure端使用了SPA和Web两种平台,但没有成功,请建议正确的解决方案。

英文:

I am trying to get access token and refresh token of MS Graph API from Javascript .
It works fine while getting Authcode from following API :

https://login.microsoftonline.com/{TenetID}/oauth2/v2.0/authorize
But when trying to get RefreshToken and Access token from following API :
https://login.microsoftonline.com/{TenetID}/oauth2/v2.0/token'

But getting following error all the time :

Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. while getting refresh toekn

I have Used SPA & Web both plateform at Azure side but no luck please suggest for correct solution

答案1

得分: 3

请仔细检查您正在使用的身份验证流程,确保不要混淆请求。如果您正在使用适用于单页应用程序的客户端凭据流程,而它实际上是用于服务器端保密客户端应用程序的流程,那么就会出现此错误。这是因为对于单页应用程序,无法确保客户端密钥的安全性。请确保您正在实施适用于单页应用程序的授权码流程。或者,您可以使用MSAL来进行实现,它可以处理身份验证并仍然允许您获取刷新令牌。

还可以查看您发送到这两个端点的有效载荷,以帮助确定问题的根源。

英文:

Double check on the Auth-flow you are using and ensure you are not mismatching the requests. This error arises if you are using a Client Credentials Flow which is intended for server side confidential client applications on your Single Page App. This is because for SPA, it is not possible to secure the client secret. Ensure you are implementing the authorization code flow which is meant for SPAs. Alternatively implement using MSAL which can handle authentication and still allow you to get refresh tokens.
It would also be good to see the payload you are sending to the two endpoints to help determine where the issue is coming from.

huangapple
  • 本文由 发表于 2023年7月18日 02:53:09
  • 转载请务必保留本文链接:https://go.coder-hub.com/76707346.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定