php - Unable to get tokens for app using code from azure graph

640

I have created an app in http://apps.dev.microsoft.com/ and tried to connect from my web application Here is my code:

  $data = array (
          'code' => $code,
          'client_secret' => 'C2A32632155A3270220244A5774431C58126F9B5',
          'client_id' => '49c1c823-b423-4673-af57-7be1ab39e386',
          'grant_type' => 'authorization_code',
          'redirect_uri' => 'http://localhost/crm/contacts/connectOffice',
          'scope' => 'offline_access Contacts.ReadWrite'
        );
    $url = 'https://login.microsoftonline.com/common/oauth2/v2.0/token';
    $curl = curl_init($url);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);      
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);  
    $result = curl_exec($curl);

I get the response :

[error] => invalid_client [error_description] => AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided. Trace ID: 47f5eaa3-2ea0-45bc-9bfa-8457395ae354 Correlation ID: 3007e67d-120d-4cf1-a0e6-1863d202b233 Timestamp: 2017-01-12 13:12:28Z [error_codes] => Array ( [0] => 70002 [1] => 50012 )

[timestamp] => 2017-01-12 13:12:28Z
[trace_id] => 47f5eaa3-2ea0-45bc-9bfa-8457395ae354
[correlation_id] => 3007e67d-120d-4cf1-a0e6-1863d202b233

I am quite sure that I have provided the correct client secret and client Id in the request but still I get this error all the time . Can anyone suggest where I may be going wrong or what more do I need to do to correct this ?

150

Answer

Solution:

The value you're using in your client secret field right now is actually a Public Key that is generated if you hit theGenerate New Key Pair button.

For what you're trying to do, you'll want to hit theGenerate New Password button in the portal to get a 23 character client secret. That should allow you to get an auth code.

One other thing, make sure if you're trying to get an auth code you use the correct authorization endpointhttps://login.microsoftonline.com/common/oauth2/v2.0/authorize. The url you have above is used when you have an auth code and want to exchange it for tokens.

People are also looking for solutions to the problem: html - Php 7 form doesn't work with enctype="multipart/form-data" and method="post"

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.