Graph API get token

I am trying to get a Graph API token on behalf of the user. I am following this document https://docs.microsoft.com/en-us/graph/auth-v2-user and everything works well until step 3 Get a Token. Here is the code I am using:

```powershell
Add-Type -AssemblyName System.Web

$clientIDEncoded = [System.Web.HttpUtility]::UrlEncode($clientid)
$redirectUriEncoded = [System.Web.HttpUtility]::UrlEncode("https://login.live.com/oauth20_desktop.srf")
$scopeEncoded = [System.Web.HttpUtility]::UrlEncode("https://graph.microsoft.com/.default")

Function Get-AuthCode {
    Add-Type -AssemblyName System.Windows.Forms
    $form = New-Object -TypeName System.Windows.Forms.Form -Property @{Width = 440; Height = 640 }
    $web = New-Object -TypeName System.Windows.Forms.WebBrowser -Property @{Width = 420; Height = 600; Url = ($url -f ($Scope)) }
    $DocComp = {
        $Global:uri = $web.Url.AbsoluteUri
        if ($Global:uri -match "error=[^&]|code=[^&]") { $form.Close() }
    }
    $web.ScriptErrorsSuppressed = $true
    $web.Add_DocumentCompleted($DocComp)
    $form.Controls.Add($web)
    $form.Add_Shown( { $form.Activate() })
    $form.ShowDialog() | Out-Null
    $queryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query)
    $output = @{}
    foreach ($key in $queryOutput.Keys) {
        $output["$key"] = $queryOutput[$key]
    }
    $output
}

# Get AuthCode
$url = “Sign in to your account
$authcode = (Get-AuthCode).values
Write-output "Received an authCode, $authCode"
$body = "grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&code=$authCode&scope=$scopeEncoded"
$tokenResponse = Invoke-RestMethod https://login.microsoftonline.com/common/oauth2/token -Method Post -ContentType "application/x-www-form-urlencoded" -Body $body
```

I get the authcode, something like that:

```
Name  Value
----  -----
code  M.R3_BAY.f659093f-3327-c99b-e219-9b3c7f82fd95
lc    1051
```

and then when I try to get a token I get this error message:

```powershell
$body = "grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&code=$authCode&scope=$scopeEncoded"
$tokenResponse = Invoke-RestMethod https://login.microsoftonline.com/common/oauth2/token -Method Post -ContentType "application/x-www-form-urlencoded" -Body $body
```

```
Received an authCode, M.R3_BAY.c622845d-f126-9017-134f-e79f3a24c4d4 1051
Invoke-RestMethod : {
  "error":"invalid_grant",
  "error_description":"AADSTS9002313: Invalid request. Request is malformed or invalid.\r\nTrace ID: 194d7f79-af2e-46e1-b287-c14c364b0200\r\nCorrelation ID: 1348166c-c93c-4cc6-8e57-0c2d32ab2b78\r\nTime stamp: 2020-09-05 23:53:19Z",
  "error_codes":[9002313],
  "timestamp":"2020-09-05 23:53:19Z",
  "trace_id":"194d7f79-af2e-46e1-b287-c14c364b0200",
  "correlation_id":"1348166c-c93c-4cc6-8e57-0c2d32ab2b78",
  "error_uri":"https://login.microsoftonline.com/error?code=9002313"
}
At line:47 char:18
+ … nResponse = Invoke-RestMethod https://login.microsoftonline.com/commo …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException, Microsoft.PowerShell.Commands.InvokeRestMethodCommand
```

Hi Peter,

I don’t know if this article will help, but it’s what I use to set up my PowerShell connects to the Microsoft API.

See if this helps?

 

Cheers

Russtym
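
The output in the question shows `(Get-AuthCode).values` carrying both the `code` and `lc` entries ("… 1051") into the token request. The following is an added example, not the poster's code or code from the linked article: it takes only `code` from the redirect, fails on an `error` response, and passes raw values in a hashtable so the body is encoded once. The function names, the client ID, the sample redirect and the use of the v2.0 token endpoint are assumptions.

```powershell
# Added example, not the poster's code. Client ID and sample redirect are placeholders.
Add-Type -AssemblyName System.Web

function Get-AuthCodeFromRedirect {
    param([Parameter(Mandatory)][string]$RedirectedUri)
    $query = [System.Web.HttpUtility]::ParseQueryString(([uri]$RedirectedUri).Query)
    if ($query['error']) {
        throw "Authorization failed: $($query['error']) $($query['error_description'])"
    }
    if (-not $query['code']) { throw 'Redirect carried no code parameter.' }
    # Return the code entry only; extra entries such as lc are not part of the grant.
    $query['code']
}

function New-TokenRequestBody {
    param(
        [Parameter(Mandatory)][string]$ClientId,
        [Parameter(Mandatory)][string]$RedirectUri,
        [Parameter(Mandatory)][string]$Code,
        [Parameter(Mandatory)][string]$Scope
    )
    # Raw values: Invoke-RestMethod form-encodes a hashtable body on POST,
    # so pre-encoding them here would double-encode.
    @{
        grant_type   = 'authorization_code'
        client_id    = $ClientId
        redirect_uri = $RedirectUri
        code         = $Code
        scope        = $Scope
    }
}

# Assumption: v2.0 token endpoint of the Microsoft identity platform.
$tokenEndpoint = 'https://login.microsoftonline.com/common/oauth2/v2.0/token'
function Request-Token {
    param([Parameter(Mandatory)][hashtable]$Body)
    Invoke-RestMethod -Uri $tokenEndpoint -Method Post -Body $Body
}

# Constructed redirect; the code value is a placeholder, not a real grant.
$sample = 'https://login.live.com/oauth20_desktop.srf?code=M.PLACEHOLDER.0000&lc=1051'
$code = Get-AuthCodeFromRedirect -RedirectedUri $sample
$body = New-TokenRequestBody -ClientId '00000000-0000-0000-0000-000000000000' `
    -RedirectUri 'https://login.live.com/oauth20_desktop.srf' `
    -Code $code -Scope 'https://graph.microsoft.com/.default'
# Report shape only; authorization codes should not be written to logs.
'{0} parameters, code length {1}' -f $body.Count, $code.Length
```

`Request-Token -Body $body` sends the request once `$code` comes from a real sign-in; the `redirect_uri` must be the same one used in the authorization request.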