I have the access token for my user, via the Management API, and the proper permissions configured; however, the audience on my user’s access token is set to ‘https://graph.windows.net’ instead of ‘https://graph.microsoft.com’.
I’m using an Enterprise WAAD Connection to mock a customer. All the permissions I’m looking for are proper on my user. However, on all API requests, Microsoft’s Graph API responds with the message “Access token validation failure. Invalid audience.”, and the only difference between the access token that works and the one that doesn’t is the audience on the access token.
Within your enterprise connection, you need to ensure that your Azure AD setting for Identity Api is set to “Microsoft Identity Platform (v2)”. My issue was that I was using Azure Active Directory (v1).
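
A quick way to confirm which audience a token carries before calling the API, as an added example that is not part of the original posts: it decodes the JWT payload without verifying the signature (diagnosis only, not validation) and classifies the `aud` claim against the two URLs quoted in the question. The function names and the sample tokens are hypothetical and constructed for the demo.

```python
import base64
import json

# Audience values taken from the thread above.
GRAPH_AUDIENCE = "https://graph.microsoft.com"
LEGACY_AUDIENCE = "https://graph.windows.net"


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose_audience(token: str) -> str:
    """Classify the token by its aud claim: 'ok', 'legacy' or 'other'."""
    aud = jwt_claims(token).get("aud", "")
    auds = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    normalized = {str(a).rstrip("/") for a in auds}  # tolerate a trailing slash
    if GRAPH_AUDIENCE in normalized:
        return "ok"
    if LEGACY_AUDIENCE in normalized:
        return "legacy"  # the case that produced "Invalid audience" in the question
    return "other"


def _constructed_token(aud: str) -> str:
    """Build an unsigned sample token for the demo (constructed, not a real token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc({"aud": aud}), "sig"])


if __name__ == "__main__":
    for aud in (LEGACY_AUDIENCE, GRAPH_AUDIENCE):
        print(aud, "->", diagnose_audience(_constructed_token(aud)))
```

A result of `legacy` on a token obtained through the connection points at the Identity API setting described in the answer rather than at missing permissions.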