oauth azure-active-directory server-to-server

Is it possible to set up a fixed scope/resource in App Registration in Azure Active Directory instead of letting the client supply this?


I am trying to set up server-to-server authentication as described here, but I can't get it to work without specifying a resource (or scope, depending on the version of the token endpoint used). The reason for not specifying the resource is that the third-party application is not able to specify this (at least not at the moment).

Is there a way to specify a default resource/scope, for instance in the manifest of the App Registration?


Solution

  • As far as I know, for the v1 endpoint you need to specify the resource identifier or AppID URI, and for the v2 endpoint you need to specify the scope; there is no way to specify a default resource/scope.

    For v1, you could refer to this doc.

    For v2, you could refer to here.
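
The difference between the two endpoint versions, as an added example that is not part of the original answer: it builds the client-credentials token request for each version without sending it. The function name, tenant, client ID, secret and App ID URI are constructed placeholders.

```python
from urllib.parse import urlencode

AUTHORITY = "https://login.microsoftonline.com"  # Azure AD public cloud authority


def build_token_request(tenant, client_id, client_secret, resource, version="v2"):
    """Return (url, form_body) for a client-credentials token request.

    `resource` is the target API's App ID URI (or application ID). It is
    mandatory on both endpoint versions; only the parameter name differs.
    """
    if not resource:
        # Mirrors the answer: the caller must supply it, there is no default.
        raise ValueError("resource/scope is required for the token request")
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    }
    if version == "v1":
        url = f"{AUTHORITY}/{tenant}/oauth2/token"
        form["resource"] = resource
    elif version == "v2":
        url = f"{AUTHORITY}/{tenant}/oauth2/v2.0/token"
        # On v2 the client-credentials scope is the resource plus "/.default".
        form["scope"] = resource + "/.default"
    else:
        raise ValueError(f"unknown endpoint version: {version!r}")
    return url, urlencode(form)


if __name__ == "__main__":
    # Constructed sample values, not real identifiers or secrets.
    sample = dict(
        tenant="contoso.onmicrosoft.com",
        client_id="00000000-0000-0000-0000-000000000000",
        client_secret="placeholder-secret",
        resource="api://example-api",
    )
    for v in ("v1", "v2"):
        url, body = build_token_request(version=v, **sample)
        print(f"POST {url}")
        print("Content-Type: application/x-www-form-urlencoded")
        print()
        print(body)
        print()
```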