Validate Access_Token from Microsoft Online OAuth via REST API or OWIN

Question

I am using ASP.NET Web Forms and OWIN to single-sign on into a web service via Microsoft Online. This is done by calling:

app.UseMicrosoftAccountAuthentication(ClientId = ..., ClientSecret = ...)

I have setup a CustomMicrosoftAuthProvider which allows me to get the access token via context.AccessToken.

Great. Now I want to be able to validate this Access_Token. With the Google OAuth API this is really easy - I call a validation endpoint via REST and I am done.

But with Microsoft I cannot find clear/good documentation for how to validate this Access Token? Is there a REST API to pass in an access token and validate it? Or is there a similar API where I can pass in the access token and get the user's email address or get a 401 if it is invalid?

If none of the above exists, is there some way to do this via the ASP.NET OWIN API?

Any help here is greatly appreciated!

Update: I tried making a GET to this URL, where ACCESS_TOKEN is taken from context.AccessToken:

https://apis.live.net/v5.0/me?access_token=ACCESS_TOKEN

However, it produces this error:

{
    "error": {
        "code": "request_token_invalid",
        "message": "The access token isn't valid."
    }
}

Probable duplicate of https://stackoverflow.com/questions/32395538/how-to-get-userinfo-with-microsoft-oauth-after-successfully-authenticated — Eugene Primako, Jun 25 '18 at 22:01
@EugenePrimako Thanks for the link but unfortunately that doesn't work (see update above) — A X, Jun 30 '18 at 06:31

Validate Access_Token from Microsoft Online OAuth via REST API or OWIN

0 Answers0