Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others


0 votes
169 views
in Technique[技术] by (71.8m points)

java - How to grant the client application access to the requested scope in microsoft azure

I'm getting this error

com.microsoft.aad.msal4j.MsalInteractionRequiredException: AADSTS70000: The request was denied because one or more scopes requested are unauthorized or expired. The user must first sign in and grant the client application access to the requested scope.

Trace ID: add5eedb-86d5-41bc-bad3-129298e3ca00
Correlation ID: 1d2ab508-8ec6-49d7-abaa-d1b8feaedda8

I registered the app in an Azure account with "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)".

API permissions:

Delegated:

  • Calendars.Read
  • Calendars.ReadWrite
  • offline_access
  • openid
  • profile
  • User.Read
  • User.Read.All
  • email
  • Mail.Read

Application:

  • Calendars.Read
  • Calendars.ReadWrite

I gave the required permission and scope (Expose an API) in the Azure portal, but I'm still getting this error. I have tried to solve this error for more than a day and I don't understand what I am doing wrong.

The calendar permission was not requested when the user logged in.


How can I solve this error?

Thanks in advance.

SOLVED

I have solved this problem by adding the Calendars.ReadWrite scope in AuthorizationRequestUrlParameters.

question from:https://stackoverflow.com/questions/65845115/how-to-grant-the-client-application-access-to-the-requested-scope-in-microsoft-a


1 Reply

0 votes
by (71.8m points)

I have solved this problem by adding the Calendars.ReadWrite scope in AuthorizationRequestUrlParameters.

I had passed null into the string updatedScopes below, so it was treated as the default Microsoft scope and the calendar permission was not requested.

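import com.microsoft.aad.msal4j.AuthorizationRequestUrlParameters;
import com.microsoft.aad.msal4j.Prompt;
import com.microsoft.aad.msal4j.PublicClientApplication;
import com.microsoft.aad.msal4j.ResponseMode;
import java.util.Collections;

// Fall back to Calendars.ReadWrite when no scope is supplied, so the sign-in request asks for it
String updatedScopes = scope == null ? "Calendars.ReadWrite" : scope;

PublicClientApplication pca = PublicClientApplication.builder(clientId).authority(authority).build();
AuthorizationRequestUrlParameters parameters = AuthorizationRequestUrlParameters
        .builder(redirectURL, Collections.singleton(updatedScopes))
        .responseMode(ResponseMode.QUERY)
        .prompt(Prompt.SELECT_ACCOUNT).state(state).nonce(nonce)
        .claimsChallenge(claims).build();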


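The mismatch described in the answer above, as an added example (not code from the original post and not part of MSAL4J): a plain-JDK check that the scopes in a sign-in URL cover the scopes the application will later request tokens for. The class and method names, the sample URLs, and the treatment of short and https://graph.microsoft.com/-prefixed scope names as equal are assumptions.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Set;

public class ScopePreflight {
    // Assumption: short and fully qualified Microsoft Graph scope names are treated
    // as equal, and scope names are compared case-insensitively.
    static String normalize(String scope) {
        String s = scope.toLowerCase(Locale.ROOT);
        String graph = "https://graph.microsoft.com/";
        return s.startsWith(graph) ? s.substring(graph.length()) : s;
    }

    // Scopes carried in the "scope" query parameter of an authorization request URL.
    static Set<String> requestedScopes(String authorizationUrl) {
        Set<String> scopes = new LinkedHashSet<>();
        String query = URI.create(authorizationUrl).getRawQuery();
        for (String pair : (query == null ? "" : query).split("&")) {
            if (!pair.startsWith("scope=")) continue;
            // URLDecoder turns both "+" and "%20" into the space that separates scopes.
            String value = URLDecoder.decode(pair.substring(6), StandardCharsets.UTF_8);
            for (String s : value.trim().split("\\s+")) {
                if (!s.isEmpty()) scopes.add(normalize(s));
            }
        }
        return scopes;
    }

    // Scopes the application will later request a token for that the sign-in URL never asked for.
    static Set<String> missingScopes(String authorizationUrl, Set<String> neededAtTokenTime) {
        Set<String> requested = requestedScopes(authorizationUrl);
        Set<String> missing = new LinkedHashSet<>(neededAtTokenTime);
        missing.removeIf(s -> requested.contains(normalize(s)));
        return missing;
    }
    public static void main(String[] args) {
        // Constructed sample URLs; the client_id is a placeholder.
        String base = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
                + "?client_id=00000000-0000-0000-0000-000000000000&response_type=code&scope=";
        Set<String> needed = Set.of("Calendars.ReadWrite");
        String defaults = base + "openid+profile+offline_access";
        String fixed = base + "openid%20profile%20https%3A%2F%2Fgraph.microsoft.com%2FCalendars.ReadWrite";
        System.out.println("default scopes only: missing " + missingScopes(defaults, needed));
        System.out.println("calendar scope added: missing " + missingScopes(fixed, needed));
    }
}
```

Running such a check against the URL built from AuthorizationRequestUrlParameters before redirecting the user surfaces a missing scope at sign-in time instead of as an AADSTS70000 error at token time.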