Forum Discussion
Trying to create token with scope https://cnt-prod.loadtesting.azure.com
Hello. I have created a web app, and updated its permissions within Azure App registration. To be able to access Graph, and Azure Management (user impersonation) Using Microsoft.identity.Web I am a...
Take this:
- Register the API: Ensure that the API (https://cnt-prod.loadtesting.azure.com) is registered in your Azure AD tenant. This might involve creating an App Registration for the API if it doesn't already exist.
- Grant API Permissions: In your App Registration, grant the necessary API permissions for the data plane. This typically involves adding the https://cnt-prod.loadtesting.azure.com/.default scope to the API permissions.
- Admin Consent: After adding the permissions, ensure that admin consent is granted for the new permissions. This can be done in the Azure portal under the "API permissions" section of your App Registration.
- Update Your Code: Ensure that your code is correctly requesting the token with the new scope. Your code snippet looks correct, but double-check that the scope is accurately specified:
var token = await tokenAcquisition.GetAccessTokenForUserAsync(new[] { "https://cnt-prod.loadtesting.azure.com/.default" });
- Check API Configuration: Verify that the API (https://cnt-prod.loadtesting.azure.com) is configured to accept tokens from your Azure AD tenant. This might involve setting up the API to validate tokens issued by your Azure AD.
Thank you for your message. This is the sticking point unfortunately. Makes me think I must be doing somethign wrong. But this suggestion
- Grant API Permissions: In your App Registration, grant the necessary API permissions for the data plane. This typically involves adding the https://cnt-prod.loadtesting.azure.com/.default scope to the API permissions.
When searching to add API permissions, I am unable to find this at all. Could it be called something else? or be a part of another API.
