OAuth 2 Implicit Grant in AzureAD - nordvall/TokenClient GitHub Wiki

This flow does not seem to work in Azure AD.

Request:

GET /instanceid/oauth2/authorize?api-version=1.0&response_type=token&client_id=246e3879-8495-49fc-ad95-d79521b6ed94&resource=https%3A%2F%2Fgraph.windows.net HTTP/1.1
Host: login.windows.net

The request targets the Azure AD authorize endpoint and uses the standard OAuth 2 parameter names, with correct client_id and resource parameters.

Response:

HTTP 302 Found
Location: https://login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm=https%3a%2f%2flogin.windows.net%2f&wreply=abc

Request:

GET /login.srf?wa=wsignin1.0&wtrealm=https%3a%2f%2flogin.windows.net%2f&wreply=abc
Host: login.microsoftonline.com

User logs in...

Request:

POST /instanceid/wsfederation HTTP/1.1
Host: login.windows.net

wctx=something&wa=wsignin1.0&wresult=*saml 1.1 assertion*

Response:

HTTP 302 Found
Location: https://redirectaddress/?error=unsupported_response_type&error_description=AADSTS70005%3a+The+WS-Federation+sign-in+response+message+contains+an+unsupported+OAuth+parameter+value+in+the+encoded+wctx%3a+%27response_type%27
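A client that attempts this flow has to recognise the failure above rather than wait for a token. The following is an added example, not code from TokenClient: it classifies the final redirect as a token or an error response. The function name and the returned dictionary layout are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Final redirect copied from the trace above.
REDIRECT = ("https://redirectaddress/?error=unsupported_response_type"
            "&error_description=AADSTS70005%3a+The+WS-Federation+sign-in+response+message+"
            "contains+an+unsupported+OAuth+parameter+value+in+the+encoded+wctx%3a+"
            "%27response_type%27")

def parse_authorization_response(location):
    """Classify an implicit-grant redirect as a token or an error response.

    RFC 6749 section 4.2.2 puts implicit-grant parameters in the URI fragment,
    but the redirect in the trace carries the error in the query string,
    so both components are inspected (fragment values win on conflict).
    """
    parts = urlsplit(location)
    params = {}
    for component in (parts.query, parts.fragment):
        for key, values in parse_qs(component).items():
            params[key] = values[0]

    # Check for an error first so a response carrying both is never
    # treated as a successful token delivery.
    if "error" in params:
        description = params.get("error_description", "")
        # The description in the trace starts with an AADSTS code and a colon.
        match = re.match(r"(AADSTS\d+):\s*(.*)", description, re.S)
        return {
            "ok": False,
            "error": params["error"],
            "aadsts_code": match.group(1) if match else None,
            "message": match.group(2) if match else description,
        }
    if "access_token" in params:
        return {
            "ok": True,
            "access_token": params["access_token"],
            "token_type": params.get("token_type"),
            "expires_in": params.get("expires_in"),
        }
    raise ValueError("redirect carries neither access_token nor error")

if __name__ == "__main__":
    print(parse_authorization_response(REDIRECT))
```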