- ABP Framework version: v7.2.2
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
Hi, when I add a scopes into the HttpApiHostModule
.AddMicrosoftAccount(MicrosoftAccountDefaults.AuthenticationScheme, options =>
{
options.AuthorizationEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
options.TokenEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
options.Scope.Add("https://analysis.windows.net/powerbi/api/Report.Read.All");
options.Scope.Add("https://analysis.windows.net/powerbi/api/Dashboard.Read.All");
options.Scope.Add("https://analysis.windows.net/powerbi/api/Workspace.Read.All");
I retrieve this message: "Provided value for the input parameter scope cannot be empty when requesting an access token using the provided authorization code." I add Microsoft Authentication in login page, and set any parameters required. Thanks
5 Answer(s)
-
0
Hi,
Could you please capture some screenshots in Azure AD, Configured Permission page ? Something similar to this:
Thank you.
-
0
Hi, I set parameter like this:
It's wrong? Thank You
-
0
Hi,
The status column shows that the permission have not been granted. I guess that you do not use global admin account. Could you please ask the admin to grant them then retry ?
Regards, Long
-
0
Hi Long, I use this configuration from another applications, in net 4.8 and netcore 3.1, withouth apb suite, and they run. I don't understand if abp used another way to grant persmission to connect in azure app. Furthermore, if the column "Admin consent required" is set to "No", meaning that the persmission is not required, and I can use it. Is incorrect? Thank you
-
0
Hi, I think we cannot use .AddMicrosoftAccount() here. Because it will set scope to https://graph.microsoft.com/user.read by default. Later, you add scopes to PowerBI resources. We cannot use scopes of 2 different resource origins.
https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/125
