【发布时间】:2021-09-19 16:29:36
【问题描述】:
当我尝试从邮递员打一个休息电话时,我能够获得访问令牌,但使用 ajax 调用我收到 403 禁止错误。附加 https://cors-anywhere.herokuapp.com/ url 来访问令牌 url 以避免 CORS 错误。
const formData = new FormData();
formData.append("client_id", "client_id");
formData.append("client_secret", "S7D7Q~excS5KjBh9JnPK-afZjTjtALGTKNweP");
formData.append("grant_type", "client_credentials");
formData.append("scope", "https://graph.microsoft.com/.default");
$(document).ready(function () {
requestToken();
});
var token;
function requestToken() {
$.ajax({
async: true,
crossDomain: true,
credentials: "include",
url: "https://cors-anywhere.herokuapp.com/https://login.microsoftonline.com/b262d1f3-4738-400d-ad54-c82cdabb6540/oauth2/v2.0/token",
method: "POST",
headers: {
"content-type": "application/x-www-form-urlencoded"
},
cache: false,
processData: false,
contentType: false,
data: formData,
success: function (response) {
console.log(response);
token = response.access_token;
},
});
}
【问题讨论】:
-
我同意@juunas,他提到的 msal.js 是你应该在项目中使用的,你可以参考this answer 或这个sample code
标签: azure-active-directory microsoft-graph-api postman