2

CURL command that works successfully when I put my own Tenant ID, Client ID, and Client Secret in:

# Replace {tenant} with your tenant!
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=535fb089-9ff3-47b6-9bfb-4f1264799865&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=qWgdYAmab0YSkuL1qKv5bPX&grant_type=client_credentials' 'https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token'

My attempt using node-fetch that errors out:

const fetch = require('node-fetch');
let  tenantId='<my tenant id>';

    let token = fetch(`https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`, {
        method: 'post',
        headers: {'Content-Type': 'application/json'},
        body: JSON.stringify({
            client_id: '<my client id>',
            scope: 'https://graph.microsoft.com',
            client_secret: '<my client secret>',
            grant_type: 'client_credentials',
        })
      }).then(function(response) {
        return response.json()
      }).then(json => {
          console.log(json)
      })

Error I'm receiving:

  error: 'invalid_request',
  error_description: "AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\n" +
    'Trace ID: <trace id>\r\n' +
    'Correlation ID: <correlation id>\r\n' +
    'Timestamp: 2021-05-12 22:27:30Z',
  error_codes: [ 900144 ],
  timestamp: '2021-05-12 22:27:30Z',
  trace_id: '<trace id>',
  correlation_id: '<correlation id>',
  error_uri: 'https://login.microsoftonline.com/error?code=900144'

What is wrong with the body in my node-fetch POST request?

By the way, I've tried with Axios and am getting the same result, too.

Vova Bilyachat
  • 18,765
  • 4
  • 55
  • 80
Dshiz
  • 3,099
  • 3
  • 26
  • 53
  • `curl` is using url-encoded format. Why are you using JSON in your conversion? – Barmar May 13 '21 at 00:23
  • I've tried using url-encoded also, but I get the same error. – Dshiz May 13 '21 at 00:26
  • Is that your real client ID and client secret in the `curl` command? – Barmar May 13 '21 at 00:26
  • No, that's from Microsoft's documentation: https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/develop/v2-oauth2-client-creds-grant-flow.md#get-a-token – Dshiz May 13 '21 at 00:27
  • Just to clarify, when you use url-encoded, you are just putting in that same content from the working curl command as a string, right? – daniel May 13 '21 at 00:58
  • @DanLynch I'm passing in the same body object shown in my sample code. I guess, I'm not sure what I would need to do otherwise? – Dshiz May 13 '21 at 01:02

1 Answers1

2

AD is expecting form request, try this

const fetch = require('node-fetch');
let  tenantId='<my tenant id>';

    let token = fetch(`https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`, {
        method: 'post',
        headers: {'Content-Type': 'application/x-www-form-urlencoded'},
        body: 'client_id=<my client id>&scope=https://graph.microsoft.com&client_secret=<my client secret>&grant_type=client_credentials'
        }
      }).then(function(response) {
        return response.json()
      }).then(json => {
          console.log(json)
      })
Vova Bilyachat
  • 18,765
  • 4
  • 55
  • 80