I am trying to retrieve an OAuth v2 Token from Microsoft Azure to allow my API to access an SMTP Server (trying to implement Option 1 from here). I am attempting to use the msal-node library.

I've registered my API and have a token endpoint in the format:

const tokenEndpoint = https://login.microsoftonline.com/{{tenantID}}/oauth2/v2.0/token

I have the following code:

const msalConfig: Configuration = {
  auth: {
    authority: tokenEndpoint,
    clientId: clientId,
    clientSecret: clientSecret, // Using Client Secret Value
  }
};

const tokenScopes = ['https://outlook.office.com/SMTP.Send'];

export const getAuth = async () => {
  const cca = new ConfidentialClientApplication(msalConfig);
  try {
    const authResponse: AuthenticationResult = await cca.acquireTokenByClientCredential({
      scopes: tokenScopes
    });
    console.log(`Auth Response: ${authResponse.accessToken}`);
  } catch (err) {
    console.log(`Error (getAuth): ${err}`);
  }
};

Upon running getAuth, I receive the following error:

Error (getAuth): ClientAuthError: endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. 
Detail: ClientAuthError: openid_config_error: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://login.microsoftonline.com/{{id}}/oauth2/v2.0/token/v2.0/.well-known/openid-configuration

I've doubled checked my endpoints a number of times - what could I be doing wrong?

CodePudding user response：

Based on the documentation here, the authority endpoint should be https://login.microsoftonline.com/{{tenantID}}/.