OAuth 2 Client Credentials grant in AzureAD - nordvall/TokenClient GitHub Wiki

This grant is used when the Client wants to authenticate as itself to a service.

Request token

Example request:

POST /instanceguid/oauth2/token?api-version=1.0 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: login.windows.net
Content-Length: 159

grant_type=client_credentials&resource=https%3A%2F%2Flocalhost%3A18181&client_id=246e3879-8495-49fc-ad95-d79521b6ed94&client_secret=abc123

Parameters:

| Name | Value | Example |
| --- | --- | --- |
| grant_type | The OAuth 2 grant type | Always client_credentials in this flow |
| resource | The App id value of the application you want an access token for | https://localhost:1818 |
| client_id | The Client Id value of another registered application in Azure AD | a guid |
| client_secret | One of the secret keys of the client, as configured in Azure AD | abc123 |

Server response

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
    "token_type":"Bearer",
    "access_token":"*token*",
    "expires_in":"43199",
    "not_before":"1391159457",
    "expires_on":"1391202657",
    "resource":"https://localhost:18181"
}

Now you can grab the access_token and use it for 43199 seconds.
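
The request and response above, as an added Python example (not code from TokenClient): it builds the form body and checks the response before the token is used. The names `build_token_request`, `parse_token_response` and `AccessToken` are hypothetical, and the 300-second safety margin is an assumption.

```python
import json
from dataclasses import dataclass
from urllib.parse import urlencode

TOKEN_HOST = "login.windows.net"  # host from the example request

@dataclass(frozen=True)
class AccessToken:
    value: str
    not_before: int  # Unix seconds
    expires_on: int  # Unix seconds

    def usable_at(self, now: int, skew: int = 300) -> bool:
        # Stop using the token `skew` seconds early (assumed margin) so a
        # request in flight does not arrive with an expired token.
        return self.not_before <= now < self.expires_on - skew

def build_token_request(instance, resource, client_id, client_secret):
    """Return (path, headers, body) for the POST shown above."""
    # urlencode percent-encodes every value, so a secret containing '&',
    # '=' or '+' cannot break out of its own form field.
    body = urlencode({
        "grant_type": "client_credentials",
        "resource": resource,
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode("ascii")
    headers = {
        "Host": TOKEN_HOST,
        "Content-Type": "application/x-www-form-urlencoded",
        "Content-Length": str(len(body)),
    }
    return f"/{instance}/oauth2/token?api-version=1.0", headers, body

def parse_token_response(text, expected_resource):
    """Validate the JSON body; the numeric fields arrive as strings."""
    doc = json.loads(text)
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    # Reject a token issued for a resource other than the one requested.
    if doc.get("resource") != expected_resource:
        raise ValueError("token issued for a different resource")
    if not doc.get("access_token"):
        raise ValueError("missing access_token")
    return AccessToken(doc["access_token"],
                       int(doc["not_before"]), int(doc["expires_on"]))
```

The secret is only ever placed in the request body, never in the URL, which keeps it out of proxy and server access logs.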