Get an Azure Active Directory token as a user

Question

I want to be able getting access token while I act as a user (meaning I only have username and password). In all the relevant topics I only see that they try getting the token as administrator of the application (for example, in order to know the clientId), but can I do the same while acting as the user of the application?

Answer 1

As suggested by @Thomas, you can make use of ROPC flow.

In order to get access token as a user, you still need to know values of client_id and tenant_id along with your UPN and password.

Client_Id - Your Application ID

Tenant_Id - Your Directory ID

You can get these values from the person who registered the application by: Go to Azure Portal -> Azure Active Directory -> Your Application -> Overview

After getting those values, make use of Postman to generate the access token.

For that, POST an HTTP request like below that need tenant_id and parameters like below:

https://login.microsoftonline.com/your_tenant_id/oauth2/v2.0/token

• In Postman, Go to Authorization tab and select type as Oauth2.0

• Visit Headers tab and include Content-Type key with value as application/x-www-form-urlencoded

• In Body tab, include parameters like client_id, grant_type, username, password and scope as below:

• Make sure to grant admin consent to required API permissions defined in scope before sending the request.

• Now, send the request and you can get the access token successfully like below:

To know more in detail, please refer below links:

Sign in with resource owner password credentials grant - Microsoft identity platform | Microsoft Docs

Azure registered app error: The user or administrator has not consented to use the application with ID - Stack Overflow