AzureAD AuthProvider + Microsoft Graph API

Hi there,

My issue is the very similar that in this closed post about using the AuthProvider Access Token to call Microsoft Graph API.

I’ve followed up the tutorial but encountered an error :
Access token validation failure. Invalid audience.

In the cited post, it was mentionned to adjust the audience but without telling how to change the audience and what audience value to specify?

Any idea?
Thank you very much.

1 Like

Have you tried enabling the “Enable Users API” feature for your Azure AD Connection?
Screen Shot 2020-01-03 at 15.25.19

According to our documentation (step #3), this is required in order to make calls to the Azure AD APIs (i.e. Graph).

Hello, I’m having the same issue as @clem.e .

I have the access token for my user, via the management api and the proper permissions configured, however the audience my my users access token is set to ‘https://graph.windows.net’ instead of ‘https://graph.microsoft.com’.

I noticed that this is similar to the issue linked in the original description. “Access Token for Graph API - #2 by James.Morrison”.

I’m using an Enterprise WAAD Connection, to mock a customer. All the permissions I’m looking for are proper on my user. however on all api request from the Microsoft’s graphApi responds with the message “Access token validation failure. Invalid audience.” and the only difference between the accessToken that works and doesn’t work is the audience on the access token.

Would be super grateful for any assistance here.

this is checked for my waad enterprise connection.

Solution:

Within your enterprise connection, you need to ensure that your Azure AD setting for Identity Api is set to “Microsoft Identity Platform (v2)”. My issue was that I was using Azure Active Directory (v1).

Hope this helps someone in the future :slight_smile:

1 Like

Thanks for sharing that with everyone in the community!

1 Like