Web Service Connector using OAuth2 authentication method

Which IIQ version are you inquiring about?

IdentityIQ 8.4

Screenshot: Current Setup

Screenshot: Error from test connection

Hi all, I am currently setting up a web service connector and using OAuth2 Authentication method.

Under Token URL, I am trying to retrieve the access token using the client secret. My input is as below without the actual values as they are confidential.

https://login.microsoftonline.com/{DirectoryID}/oauth2/v2.0/token?client_id={ClientID}&grant_type=client_credentials&client_secret={ClientSecret}&scope=api://{app-id}/.default

The curl looks something like this

curl -X POST 'https://login.microsoftonline.com/{DirectoryID}/oauth2/v2.0/token' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'client_id={ClientID}&grant_type=client_credentials&client_secret={ClientSecret}&scope=api://{app-id}/.default'

May I know if this is a possible way to fill in the Token URL field? I am getting the error "Exception occurred while generating access token…"; refer to the screenshot above for the full error. Please advise or suggest.

Hi @shijingg,

You’re currently using Azure V2.0, and you need to update the resource to the correct scope. The scope value should be set to {app id URI}/.default, but you’ve specified it as api://{app-id}/.default.

scope={app-id-URI}/.default

Please refer below

# Replace {tenant} with your tenant!
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=00001111-aaaa-2222-bbbb-3333cccc4444&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=A1bC2dE3f...&grant_type=client_credentials' 'https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token'

Hi Arun,

I managed to curl successfully but would like to understand how this translates into the Token URL field.

Also, if I need to extract the access token value from the Token URL response to put into my test connection header, would that be possible? The access token value would replace the part of the image highlighted in yellow below.

Hi @shijingg,

You can achieve this with a value of “Bearer $application.accesstoken$”.

Add the below entry in application xml via debug.

<entry key = "accesstoken" value="access_token"/>

Hi @Arun-Kumar

Back to the original question, I tried to input the url since the curl was working as expected. However, still getting the error.

This is the curl response
{"token_type":"Bearer","expires_in":599,"ext_expires_in":599,"access_token":"<<Actual access token value>>"}

Can I check if I can directly input the URL as such in the Token URL field: https://login.microsoftonline.com/{DirectoryID}/oauth2/v2.0/token?client_id={ClientID}&grant_type=client_credentials&client_secret={ClientSecret}&scope=https://{URL}/.default ? Will the access token from the response be automatically extracted?

Hi @Arun-Kumar

I managed to use a Before Operation rule to retrieve the access token from the Token URL and put it in the header field. I would like to confirm: if I only use a Before Operation rule and keep the UI portion shown in the screenshots below empty, would there be any impact?

@shijingg -

There is an issue with your Token URL. Use the token URL https://login.microsoftonline.com/{DirectoryID}/oauth2/v2.0/token under the connection settings.

Make sure you are providing client_id and client_secret in their corresponding places under configuration.

Mark it as solved if it helps.

Hi @officialamitguptaa, I managed to use a Before Operation rule instead, because even with the actual values provided in client_id and client_secret, it is throwing the error. But I would now like to understand: if I were to skip the setup in the UI and purely use the Before Operation rule, is there any other impact?

@shijingg - I would request you apply the changes suggested by me in the previous post and let me know the outcome. It will hardly take a couple of seconds before we come to any conclusion.

Thank you

Hi @officialamitguptaa

Yes, I tested your suggestion before and it does not work.

Removed the before operation rule for this testing

@Arun-Kumar @officialamitguptaa since trying all the steps did not work and this works, can I just check whether there is any impact with performing everything in a Before Operation rule?

Hi @Arun-Kumar @officialamitguptaa, any updates on whether there is any issue if I keep Authentication Method set to No / Custom Authentication and just extract the access token and add it to the header in a Before Operation Rule? I just need confirmation on this to proceed.

Hi @shijingg,

There is no restriction. You can use No / Custom Authentication as long as the web application supports it.
Make sure a WebServiceBeforeOperationRule is defined.
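For the approach the thread settles on (Authentication Method set to No / Custom Authentication, with the token fetched in a Before Operation rule), here is an added example of a WebServiceBeforeOperationRule body; it is not code from the original thread or from SailPoint. It assumes the rule receives the usual `application` and `requestEndPoint` inputs, that the tenant, client id, client secret and scope are stored as application attributes named `tenant_id`, `client_id`, `client_secret` and `token_scope` (names chosen for this example), and that `sailpoint.tools.JsonUtil.parse` is available for parsing the token response; the token endpoint is the bare Azure v2.0 URL from the thread, with client_id, client_secret and scope moved out of the query string into the form body.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import java.util.Scanner;
import sailpoint.tools.GeneralException;
import sailpoint.tools.JsonUtil;

// Credentials come from the application definition, never from the rule text
// or the Token URL query string (attribute names are an assumption of this example).
String tenant = (String) application.getAttributeValue("tenant_id");
String clientId = (String) application.getAttributeValue("client_id");
String clientSecret = (String) application.getAttributeValue("client_secret");
String scope = (String) application.getAttributeValue("token_scope"); // e.g. {app-id-URI}/.default

// Bare token endpoint; the client-credentials parameters go in the POST body.
String tokenUrl = "https://login.microsoftonline.com/" + tenant + "/oauth2/v2.0/token";
String form = "grant_type=client_credentials"
    + "&client_id=" + URLEncoder.encode(clientId, "UTF-8")
    + "&client_secret=" + URLEncoder.encode(clientSecret, "UTF-8")
    + "&scope=" + URLEncoder.encode(scope, "UTF-8");

HttpURLConnection conn = (HttpURLConnection) new URL(tokenUrl).openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
OutputStream out = conn.getOutputStream();
out.write(form.getBytes("UTF-8"));
out.close();

int status = conn.getResponseCode();
InputStream in = (status < 400) ? conn.getInputStream() : conn.getErrorStream();
String responseText = new Scanner(in, "UTF-8").useDelimiter("\\A").next();
Map tokenResponse = (Map) JsonUtil.parse(responseText); // assumed available in sailpoint.tools

// Fail the operation instead of sending the request without a bearer token;
// the error body is reported, the secret and token are never logged.
if (status != 200 || tokenResponse == null || tokenResponse.get("access_token") == null) {
    Object reason = (tokenResponse != null) ? tokenResponse.get("error_description") : responseText;
    throw new GeneralException("Token request failed (HTTP " + status + "): " + reason);
}

// Add the Authorization header to the outgoing connector request and return the endpoint.
Map headers = requestEndPoint.getHeader();
if (headers == null) headers = new HashMap();
headers.put("Authorization", "Bearer " + tokenResponse.get("access_token"));
requestEndPoint.setHeader(headers);
return requestEndPoint;
```

Because the rule runs before every operation, it fetches a fresh token each time; caching the token in an application attribute until `expires_in` elapses is a reasonable refinement that this example leaves out.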