Validating token from Azure App Service through postman returns 401

Question

I've integrated my application with Azure AD authentication. While I can successfully login through the same, I want to access the response claims sent by AD post re-direction of my application from AD to homepage.

So, I've followed Microsoft Docs to get the response claims. i.e., https://app-name.azurewebsites.net/.auth/me

I can see access-token, id-token etc in my response, while I hit the url from my browser.

Now, for my API URLs to get validated, I've to pass access-token in my authorization header. But, also, I want to validate the passed access token (from API) through Azure service, for which the way is:

POST https://<appname>.azurewebsites.net/.auth/login/aad HTTP/1.1
Content-Type: application/json

{"id_token":"<token>","access_token":"<token>"}

I want to test the same first through postman, but, I get 401 unauthorized.

Answer 1

If you use aad provider, just pass the {"access_token":"<access_token>"} in the body.

See here:

First, login to https://app-name.azurewebsites.net/.auth/me, copy the id_token(not the access_token).

Then in the postman, pass the id_token copied to the {"access_token":"<access_token>"}.