I am trying to configure spring-boot-starter-oauth2-resource-server and spring-boot-starter-oauth2-client in a single app as web_application_and_resource_server. After following these instructions I have the following error:

Error: Caused by: java.lang.IllegalStateException: Web Api do not support authorization_code grant type. id = graph.

I am unsure how to configure the properties for the resource server. I tried the properties below:

azure.activedirectory.tenant-id=###
# Specifies your App Registration's Application ID:
azure.activedirectory.client-id=###
# Specifies your App Registration's secret key:
azure.activedirectory.client-secret=###
azure.activedirectory.application-type = web_application_and_resource_server
#azure.activedirectory.app-id-uri=##
#azure.activedirectory.authorization-clients.api.authorizationGrantType=on_behalf_of
#azure.activedirectory.authorization-clients.api.scopes=https://graph.microsoft.com/User.Read
azure.activedirectory.authorization-clients.graph.authorizationGrantType=authorization_code
azure.activedirectory.authorization-clients.graph.scopes=https://graph.microsoft.com/User.Read,Directory.AccessAsUser.All,offline_access,openid,profile,email

How does the configuration apply to the resource server? With the above configuration I receive an error that the web API can't accept authorisation code as a grant type, which is true.

Is there any specific configuration required at the Azure AD level? All APIs are within the Spring Boot application itself. I just need all APIs to be authenticated using the token.

There are 0 answers