Microsoft Partner Center API - 401 Unauthorized when using access token

@JaySivaloganathan,

Unfortunately I don't use grant_type=client_credentials, I don't know if that's possible with the delegated permission structure for GDAP to access Customers. I, like most people I think, use grant_type=resource_token. Where you obtain a RefreshToken (good for 90 days, but can be renewed whenever obtaining an AccessToken) and then redeem that an AccessToken (good for 60 mins) when needing to access the Partner Center or any Customer APIs.

If you are JUST trying to access the Partner Center APIs (and not connect to any Customer resources) you may be able to use client_credentials, but I've not tried.

Things to check: What permissions / scopes have you added to your Client App (the one referenced by your client_id)? You have not passed a scope= in your POST, what is the default scope in the data returned? I tried your POST request (using my App ID, which is also in Canada, but as I said: is set up for Refresh Token usage) and the resource ends up being the MS Graph's AppID:

Check your AccessToken using https://jwt.io/ and see what the "aud" is. I tried making a request against https://graph.microsoft.com/v1.0/users and it didn't return a 401, but instead a "InvalidAuthenticationToken" error -- because the resource was wrong of course.

Try adding resource=https://api.partner.microsoft.com to your request. When you do that you should get this back:

And the "aud" in the AccessToken matches.

I still couldn't GET the data you wanted, but as I said my setup is based around Refresh Tokens. For info on that, see: https://techcommunity.microsoft.com/t5/partner-led-questions-tech/configuring-the-secure-app-model-for-powershell-api-graph/m-p/3820555

Hopefully some of that helps. If not, try working through the links in the above link and configuring things using Refresh Tokens.

  --Saul