How to get Azure OAuth 2.0 Access Token in 3 steps

We have provided 4 solution to retrieve Azure OAuth 2.0 Access Token using Postman, PowerShell Script, Python Script. All the code are tested &working
How to get Azure OAuth 2.0 Access Token in 3 steps - www.pdfcup.com

Request Azure OAuth 2.0 Access Token from Azure Active Directory using Postman, Python Script, PowerShell Script.

Prerequisite: Make sure you have all the mandatory details before proceeding with the access token request. You must have valid details like “Client ID”, “Client Secret” and “Scope” to generate token from Azure Active Directory.

#1. Get Azure OAuth 2.0 access Token using Postman with 'x-www-form-urlencoded' option.

Follow the same steps and set the variables as defined in Postman Sample below.

  • Step 1:-
    • Past the token URL in the URL section and replace your DirectoryID or TenantID with the URL.
    • Example: "https://login.microsoftonline.com/36h4ug5ug62ov464ufvo53529r8c2/oauth2/v2.0/token"
  • Step 2:-
    • Select the 'body' option and.
    • Then click on the 'x-www-form-urlencoded' option.
  • Step 3:-
    • Add all the Keys such as client_id, client_Secret, scope, grant_type along with its values.
    • Example: Reference is given below, please check it.
  • Stetp 4:- Click on Send Button and you will get Access Token if you have configured everything properly.
    • If you are facing any issue or difficulty while generating token please comment below and share your issue.

Postman Sample: Configure all Postman settings as given below.

Get https://login.microsoftonline.com/{DirectoryID or TenantID}/oauth2/v2.0/token Send
Params Authorization Headers (8) Body . Scripts Tests Settings
none form-data x-www-form-urlencoded raw binary GraphQL
Key Value Description
grant_type client_credentials
client_secret g6hd9dAsCGHtk5477GVJHghGduVVh78GHcSSjvJGD
scope <replace_your_scope>/.default
client_id 195a05a8-89l1-3pd0-j6r8-b214fcb52755
Key Value Description

The "scope" value looks like:-
Sample 1. 'https://drz78loa1.dvm2.dynamics.com/.default'
Sample 2: 'api://hP68sSw3-6ml1-5Q6n-4qZd-m784gfr90q12/.default'

If you are unsure about the scope please contact whoever setup the APP in Azure.

According to Microsoft-
Difference in /{DirectoryID or TenantID}/ , A tenant is a dedicated and isolated instance of Azure AD/Entra ID, while a directory is a container for objects such as users, groups, and applications. You will get this ID from the person who setup the APP in Azure.

According to Microsoft-
Scope: The scope /<replace_your_scope>/ refers to the scope of the authorization (permission) being requested by and/or granted to an application. Scope gives your app access to resources on behalf of the user for an extended time. You will get scope details from the person who setup the APP in Azure.

#2. Get Azure OAuth 2.0 access Token using Postman with 'form-data' option.

Setup the following settings and parameters to generating the OAuth 2.0 Token using Postman.

Get https://login.microsoftonline.com/{DirectoryID or Tenat}/oauth2/v2.0/token Send
Params Authorization Headers (8) Body Scripts Tests Settings
none form-data x-www-form-urlencoded raw binary GraphQL
Key Value Description
grant_type client_credentials
client_secret g6hd9dAsCGHtk5477GVJHghGduVVh78GHcSSjvJGD
scope <replace_your_scope>/.default
client_id 195a05a8-89l1-3pd0-j6r8-b214fcb52755
Key Value Description

#3. Get Azure OAuth 2.0 access Token using PowerShell Script.

Important Instruction: Save the below PowerShell script in your directory with any name. As you can see, I have selected "Downloads" directory and named the file as "get_token.ps1".

#******************************************************************************************************************************************************#
Invoke-RestMethod `
    -Uri "https://login.microsoftonline.com/<DirectoryID or TenantID>/oauth2/v2.0/token" `
    -Method Post `
	  -Body @{
		    "grant_type" = "client_credentials"; 
		    "client_id" = "195a05a8-89l1-3pd0-j6r8-b214fcb52755"; 
		    "client_secret" = "g6hd9dAsCGHtk5477GVJHghGduVVh78GHcSSjvJGD"; 
		    "scope" = "<replace_your_scope>/.default" 
	}
# Output:-
#Open the PowerShell and type the following commands.
PS C\Lourk_Dutch>
PS C\Lourk_Dutch> # This command prints the result in the Shell.
PS C\Lourk_Dutch> .\Downloads\get_token.ps1 | Format-List

token_type     : Bearer
expires_in     : 3599
ext_expires_in : 3599
access_token   : 6IjAuQVVVQWpTcnlqVk9SblVpVkRLSU16TFpXSUcwSmFtZlJNOVZOaG8C1iMjE0ZmNiNTI3NTUiLCJpc3MiOiJodHRwczovL2xvZ2luLm
                 mMjJhOGQtOTE1My00ODlkLTk1MGMtYTIwY2NjYjY1NjIwL3YyLjAiLCJpYXQiOjE3MjA5NDY2MzYsIm5iZiI6MTcyMDk0NjYzNiwiZ
                 XhwIjoxNzIwOTUwNTM2LCJhaW8iOiZQeTFKMVZGQUFBLiIsInN1YiI6IjBkYzhmMzEyLWRkODMtNDExMC1iOWQyLT
PS C\Lourk_Dutch>
PS C\Lourk_Dutch> # This command will save the output to a .txt file and the results will not be printed in the shell.
PS C\Lourk_Dutch> .\Downloads\get_token.ps1 | Format-List > C:\Users\Lourk_Dutch\Downloads\result.txt

#4. Get Azure OAuth 2.0 access Token using Python script with HTTP Request package.

import requests
url = "https://login.microsoftonline.com/<DirectoryID or TenantID>/oauth2/v2.0/token"
client_id     = "195a05a8-89l1-3pd0-j6r8-b214fcb52755"
client_secret = "g6hd9dAsCGHtk5477GVJHghGduVVh78GHcSSjvJGD"

response = requests.post(url, data={"grant_type": "client_credentials", 
                                   "scope":"<replace_your_scope>/.default"}, 
                                   auth=(client_id, client_secret), )

print("Status Code: ",response.status_code)
list(map(lambda x : print(x,":", response.json()[x]) ,response.json()))
print()

About the author

D Shwari
I'm a professor at National University's Department of Computer Science. My main streams are data science and data analysis. Project management for many computer science-related sectors. Next working project on Al with deep Learning.....

Post a Comment