Getting "00000003-0000-0000-c000-000000000000" Audience in Access token which was expected to be "https://graph.microsoft.com" #9951
Labels
Needs: Triage 🔍
Awaiting categorization and initial review.
type:bug-suspected
Suspected bug (not working as designed/expected). See “type:bug-confirmed” for confirmed bugs.
Target SharePoint environment
SharePoint Online
What SharePoint development model, framework, SDK or API is this about?
💥 SharePoint Framework
Developer environment
Windows
What browser(s) / client(s) have you tested
Additional environment details
Describe the bug / error
I am encountering an issue while trying to acquire an access token using the SharePoint Online API. The expected audience for the token is 'https://graph.microsoft.com', but I am receiving token '00000003-0000-0000-c000-000000000000' instead.
Request Configuration: - Path: /sites/14thAugTestPublicTeam/_api/Microsoft.SharePoint.Internal.ClientSideComponent.Token.AcquireOBOToken?resource=%27https://graph.microsoft.com%27&clientId=<client_id>
Response: json { "odata.metadata": "https://DOMAIN.sharepoint.com/sites/SITE_NAME/_api/$metadata#Edm.String", "value": "{ "AccessToken": <access token with audience '00000003-0000-0000-c000-000000000000' instead of 'https://graph.microsoft.com'> }" } Expected Result: The audience should be 'https://graph.microsoft.com'. Additional Information: The same code and configuration work correctly in a one of our SharePoint Online tenants, returning the expected audience. while in 3-4 other tenants we are seeing this issue. Could you please help me understand why the audience is returning as 00000003-0000-0000-c000-000000000000 instead of https://graph.microsoft.com/? Any guidance or troubleshooting steps would be greatly appreciated.
We were expecting 'https://graph.microsoft.com' in audience but started seeing 00000003-0000-0000-c000-000000000000 instead from last couple of days. without any change from our end.
Steps to reproduce
Expected behavior
Audience in access token should be: 'https://graph.microsoft.com'
The text was updated successfully, but these errors were encountered: