Azure AD issuing token that contains scopes I disabled
I'm trying to use Azure AD to restrict access to certain endpoints in my API.
I registered a FrontEnd and API app in Azure AD. When I go to disable the scopes I'm still getting the scopes issued in my oauth token.
Anyone have any ideas what I may be missing?
Solution
You may forget to reconsent for these permissions.
AAD v1 endpoint acts static permissions consent. Once you do permissions consent, the scope will be static, except you reconsent for new permissions. If you change the permissions and don't reconsent, the scope should be just as same as before.
So, you can just click Grant permissions button to reconsent permissions. Or you can just add &prompt=admin_consent in the request to force doing consent.
- How to create CustomEventArgs from PaintEventArgs by inheritance
- Can Windbg display thread names?
- Issue: All users access the same google drive account
- Google Analytics Measurement Protocol Library For .NET
- How to get Folder ID while creating a new folder in Google Drive using API
- dotnet publish --self-contained -> running the app still asks for .net installation
- Rijndael implementation in NodeJs not working the same as C# or Java
- Generic Repository in C# Using Entity Framework
- iOS On Demand Resource with MAUI
- C# - Securely storing a password locally
- How do I get the MAX row with a GROUP BY in LINQ query?
- How to get PropertyDescriptor for current property?
- MemoryStream.Close() or MemoryStream.Dispose()
- Can I remove items from a ConcurrentDictionary from within an enumeration loop of that dictionary?
- What is the difference between .NET Core and .NET Standard Class Library project types?
- BAD IMAGE QUALITY (Bitmap Windows Forms C#)
- What options are available for Shell32.Folder.GetDetailsOf(..,..)?
- C# - Append Number To File Being Saved
- How can I test for negative zero?
- Best way to randomize an array with .NET
- How to use a .Net Standard 2.1 DLL in .Net Framework 4.8?
- How to determine if a object type is a built in system type
- Why is there no update equivalent to WillCascadeOnDelete?
- Optimize Code Snippet Skipping Loop Iteration
- How to make variable height for ToolStripMenuItems in ContextMenuStrip?
- Add comma thousand separator to decimal (.net)
- How to query nested properties in Cosmos DB from .NET 8 API
- What is a method group in C#?
- Crash reports from Microsoft Store for .NET Maui Apps
- Correct way for get fractional part double like int