1

Using a server back-end web application ("Authroization Code" flow) to allow users to authenticate to my app using Azure/MS logins, I ran into an odd (and google-unhelpful) issue -

Following this guide (written only a few months ago) - https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code When I go to redirect the user to the login page (in this case on my browser, where I'm already logged into the MS online account, I get the following error:

AADSTS500201: We are unable to issue tokens from this API version for a Microsoft account. Please contact the application vendor as they need to use version 2.0 of the protocol to support this.

Googling the error number comes up with very few hits, and googling the error text gives me some hits about 'it's not ready yet' or changing account types, which I'm not entirely sure how to do on my account.

Is it an account issue, or am I redirecting to the wrong URL?

Coyttl
  • 111
  • 4
  • likely duplicate of https://stackoverflow.com/questions/43320860/aadsts50020-we-are-unable-to-issue-tokens-from-this-api-version-for-a-microsoft I'm actively researching this problem myself. also see https://stackoverflow.com/questions/56321231/adal-integration-with-ionic-3-getting-we-are-unable-to-issue-tokens likely solutions via: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview https://docs.microsoft.com/en-us/azure/active-directory/develop/azure-ad-endpoint-comparison#who-can-sign-in – jimmont Oct 10 '19 at 07:52

1 Answers1

1

The link in the unattended access tutorial should be replaced by your own. To see the consent dialog:

where

{tenant} = A tenant created in your Azure account.

{appID} = An OAUTH application created in your account (substitute for the example link 6731de76-14a6-49ae-97bc-6eba6914391e)

{redirect-in-app} = for example, https://localhost/myapp/permissions created in your application.

un-CharlieH
  • 11
  • 1