0

I am changing my existing c#-app from basic authentication to OAuth Authenticate.

I'm using the code example from Microsoft learn page:

// Using Microsoft.Identity.Client 4.22.0
var cca = ConfidentialClientApplicationBuilder
.Create(ConfigurationManager.AppSettings["appId"])
.WithClientSecret(ConfigurationManager.AppSettings["clientSecret"])
.WithTenantId(ConfigurationManager.AppSettings["tenantId"])
.Build();

// The permission scope required for EWS access
var ewsScopes = new string[] { "https://outlook.office365.com/.default" };

//Make the token request
var authResult = await cca.AcquireTokenForClient(ewsScopes).ExecuteAsync();


On the Azure Active directory in App-Registration with the rigths Mail.* ( see attached image 
)

[App rigths]

when I try to get the token with AcquireTokenForClient I get this error:

A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal... ErrorCode: "invalid_client" HResult: -2146233088*

Thanks for help Dani

Improve this question

1 Answer 1

Reset to default
1

The only permission that is valid for EWS when using the client credentials flow is full_access_as_app

enter image description here

The Mail. permissions are all for the Graph which supports a much more restrictive permission model that EWS does not. I would suggest you read https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth you has the information you need to modify the manifest directly to add the correct permissions

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.