2

Problem: I'm trying to use Postman to get an valid Azure AD access token that I can then use to pass on a request to an Azure Function protected by Azure Active Directory (Easy Auth).

I've read / viewed numerous explanations on how to do this. CGillum's entire blog for example. Some of the best ones (that don't quite work for me) are:

I've verified that my ClientID, secret, and callback are all correct. I've ensured I have (what I think are) the correct permissions to the app I registered in my directory. I've got back a valid Bearer tokens in both of the first two examples above. No matter what though, when I pass this token back in the Authorization header I get a message that states "You do not have permission to view this directory or page."

My hope at this point is that someone reading this will point out the obvious thing that I missed.

Thanks in advance

ThatCreole
  • 495
  • 1
  • 7
  • 17
  • What is the resource URI you use when you get the access token? For example, if I wanted a token to access Azure AD Graph API, I would use the `https://graph.windows.net` resource URI. This should match what is configured for the app in AAD. – juunas Dec 04 '17 at 07:00
  • Great question! I was using https://.azurewebsites.net – ThatCreole Dec 04 '17 at 07:03
  • That is probably wrong. You can find the app by finding the Azure Active Directory blade in Azure portal -> App Registrations – juunas Dec 04 '17 at 07:04
  • Hmm is the resource URI you're talking about the same as the "App ID URI"? Because that's a madeup bogus thing that it automatically generated when I registered the app. – ThatCreole Dec 04 '17 at 07:09
  • Yes that one! It's an identifier for the app :) – juunas Dec 04 '17 at 07:10
  • Ok I tried that thingy for the Auth URL and Postman hangs lol. It looks like this: `https://login.windows.net/common/oauth2/authorize?resource=https%3A%2F%2F%2F` Maybe I'm supposed to change that thing? Hmm... – ThatCreole Dec 04 '17 at 07:12
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/160401/discussion-between-thatcreole-and-juunas). – ThatCreole Dec 04 '17 at 07:16

1 Answers1

4

We could use the following way to get the easy auth token easily.

1.Vist the following url from browser and input your creditial.

https://{yourfunctionAppName}.azurewebsites.net/.auth/login/aad

enter image description here

2.After that we could get the easy auth token after decode the url.

enter image description here

3.Test it with Postman

enter image description here

Tom Sun - MSFT
  • 24,161
  • 3
  • 30
  • 47
  • I am in a similar situation at the moment but I want to generate easy auth token from Postman too rather than generating it manually. Is there a way to get easy auth token through postman by making http calls just like we do from UI ? – vvvvaib May 03 '18 at 11:57