OAUTH2 Problem with AzureAD

Hello!

I have configured OAUTH2 with azure ad with below config

'OAUTH2_NAME': "azure",

# The display name, ex: Google

'OAUTH2_DISPLAY_NAME': 'MS Azure',

# Oauth client id

'OAUTH2_CLIENT_ID': '<ID>',

# Oauth secret

'OAUTH2_CLIENT_SECRET': '<SECRET>',

# URL to generate a token,

# Ex: https://github.com/login/oauth/access_token

'OAUTH2_TOKEN_URL': 'https://login.microsoftonline.com/
<TENANT-ID>/oauth2/v2.0/token',

# URL is used for authentication,

# Ex: https://github.com/login/oauth/authorize

'OAUTH2_AUTHORIZATION_URL': 'https://login.microsoftonline.com/
<TENANT-ID>/oauth2/v2.0/authorize',

# Oauth base url, ex: https://api.github.com/

'OAUTH2_API_BASE_URL': 'https://graph.microsoft.com/v1.0',

# Name of the Endpoint, ex: user

'OAUTH2_USERINFO_ENDPOINT': 'profile',

# Oauth scope, ex: 'openid email profile'

# Note that an 'email' claim is required in the resulting profile

'OAUTH2_SCOPE': 'User.Read email openid profile',

# Font-awesome icon, ex: fa-github

'OAUTH2_ICON': 'fa-github',

# UI button colour, ex: #0000ff

'OAUTH2_BUTTON_COLOR': None,

After testing I found below error

requests.exceptions.HTTPError: 400 Client Error: Bad Request for url:
https://graph.microsoft.com/profile

2022-04-19 14:34:38,717: INFO werkzeug: 49.37.172.20 - -
[19/Apr/2022 14:34:38] "*GET
/oauth2/authorize?code=0.ARsA3jZYM-9CokOxRTSMLunKW_3a3dHcJP5MrfqQQJh5-YcbAAA.AQABAAIAAAD--DLA3VO7QrddgJg7Wevrdrp6mz5VUBPbc2M4Bs4hmaPP7YfekSA8Yt9vmf1zMQFku0U1U1xfWkuaKw8eFQjW9sNkh1-Gl6XaDfqOV6NQ0dAxvBNW5K_GOC9VChtUG_s8DXVKvZ05dvryfX1K-NUgDFoXiSU7Xmyc40UWiIr1fBse7PLdvaFDL4KmUbO4Ivm6j7fuh3l0Q5sB-lMB56NmbV9NCDSoy-ccbnGwm-2pVN42HErVzE9b8P0Gowba3QWfNUvLSmbkbVv_UQHnQ2jgZfNK7oPcggZJojU8biYXJN6KcpOL7eQmP1oUjhUafRJw5TLr5LSSYGHbXVmL7zgJ7RCuWBJAS_VSrYr5hMaRhvxBMLgC6bwQmI8euv_hC9GZ0vmxqNY6T11M72Ye8NkQrA_5zM9qPiFh1bZCsLyllkxN1LCgfEI_t--qiq0N2dd-SL2hE23VUAk5Wen_nwwjJQBKTpuE4v7BwjOwfpPqniNq2xLqALaXaBZfmjmGCjfrVHlw4e5ADsxU0VBY4eH7BiKwye7o8AQdJC7w39Y8VteOJTLvCw5y0hPALIpzlCQtUtBhHjrKpzEPqgpZWfb55JSZ45YtjbZENcXyQk_sdRRo4SqNJxqU5W9yqcyY53PbtfzX0LTRTJ9FAfc5uqlgksyMcxZaXLcONWYocB1oGjaRTBbl7kZFZRScHzKNVQbXsnQVAURe3lesqOzlv--QtfMZHfYPA6igkryni8xPKETI9UyL0mRLTbxHOHZFvt0faNcvM1uCLiavNDgw4EkBljbLDDMIdCLrfOvSaIsMJA6vzRmFODq00iAZYIfqxQcgAA&state=ZmClT3NK4XExYAP8NQrdp5zIMaoM4m&session_state=ee30bdda-dd80-4ab9-aeee-1c61b8ffa63c
HTTP/1.1*" 500 -

2022-04-19 14:34:38,722: ERROR werkzeug: Error on request:

I tried to print response, this is the one, not sure what does it mean by
Invalid version. I tried to change accesstokenversion in azure ad but
received same issue.

{'error': {'code': 'BadRequest', 'message': 'Invalid version.',
'innerError': {'date': '2022-04-19T14:34:38', 'request-id':
'c2da3799-bab5-4c38-a485-78cf7b74567c', 'client-request-id':
'c2da3799-bab5-4c38

-a485-78cf7b74567c'}}}

Any clue? or is there a way I can check more details of innerError?

Regards,

Asmita

Regards,

Asmita