Share via

Getting "00000003-0000-0000-c000-000000000000" Audience in Access token which was expected to be "https://graph.microsoft.com"

Sagar K 0 Reputation points
2024-10-04T07:22:46.8166667+00:00

I am encountering an issue while trying to acquire an access token using the SharePoint Online API. The expected audience for the token is 'https://graph.microsoft.com', but I am receiving token '00000003-0000-0000-c000-000000000000' instead.

 

Request Configuration: - Path: /sites/14thAugTestPublicTeam/_api/Microsoft.SharePoint.Internal.ClientSideComponent.Token.AcquireOBOToken?resource=%27https://graph.microsoft.com%27&clientId=<client_id>

 

Response: json {     "odata.metadata": "https://DOMAIN.sharepoint.com/sites/SITE_NAME/_api/$metadata#Edm.String",     "value": "{ "AccessToken": <access token with audience '00000003-0000-0000-c000-000000000000' instead of 'https://graph.microsoft.com'> }" } Expected Result: The audience should be 'https://graph.microsoft.com'. Additional Information: The same code and configuration work correctly in a one of our SharePoint Online tenants, returning the expected audience. while in 3-4 other tenants we are seeing this issue. Could you please help me understand why the audience is returning as 00000003-0000-0000-c000-000000000000 instead of https://graph.microsoft.com? Any guidance or troubleshooting steps would be greatly appreciated.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,037 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,709 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,980 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,790 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rohit Raghuwanshi - MSFT 470 Reputation points Microsoft Vendor
    2024-10-04T12:01:23.2033333+00:00

    Hello Sagar K,

    Thank you for reaching out, Microsoft!

    The Id 00000003-0000-0000-c000-000000000000 you are receiving is AppId for Microsoft Graph application only which is expected resource for your request. You can verify this on the below mentioned documentation.

    https://learn.microsoft.com/en-us/troubleshoot/azure/entra/entra-id/governance/verify-first-party-apps-sign-in#application-ids-of-commonly-used-microsoft-applications

    User's image

    If my answer is helpful to this question, please remember to "Accept as answer" to close this case and this will help people in this forum who have similar questions to yours find the answer easier.

    1 person found this answer helpful.
  2. M. R. Chaturvedi 0 Reputation points
    2024-10-11T06:00:23.1366667+00:00

    Hi @Rohit Raghuwanshi - MSFT ,
    I recently encountered a similar issue with one of my tenants. Recently, the audience was changed and displayed as "00000003-0000-0000-c000-000000000000," whereas it has now reverted again to "https://graph.microsoft.com." This change occurred on October 8th (IST) and is consistent across all tenants.

    I would like to inquire whether there has been any rollback or other modifications from Microsoft's end. A prompt response would be greatly appreciated, as this matter is critical to the functionality of our application.

    Thank you for your attention to this issue.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.