I am trying to set up a resource owner password credentials flow (ROPC) in Azure Active Directory. My objective is to generate an OAuth 2.0 Access token using my Company org AAD username/password.
I have registered an AAD App with Application (client) ID: “d76b7a4f-xxxxx-xxx” that has these permissions:
I then used Postman to send a request:
However, I am getting the above error. The username/password is correct, but I am still not sure why I am getting the above error message. Probably something to do with the "invalid_grant"?
I have followed these Microsoft articles to build up this ROPC flow:
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-ropc-policy?tabs=app-reg-ga&pivots=b2c-user-flow
In the second article above, I am missing this part (Create a resource owner user flow): https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-ropc-policy?tabs=app-reg-ga&pivots=b2c-user-flow#create-a-resource-owner-user-flow
Maybe that is the reason? Please note, I also don't have an admin role at my company's AAD.
What I am targeting here is to generate the identity of the AAD user in the form of an access token, which is then passed onto the backend system, which then responds based on the identity of the user accordingly.
I could generate the access token using the “client_credential” flow (see below), but I need the access token against the owner password credentials flow (ROPC).
Could you please help me out here?


