"Access token validation failure. Invalid audience" issue in outlook Add-In using Office.Auth for Microsoft Graph API calls.

Suraj Sinha 5 Reputation points
2024-11-11T08:58:47.0866667+00:00

I've created a React.js-based Outlook add-in where I've loaded Office.js using a CDN link, and the Office API has successfully initialized. I'm using the Office.Auth API to obtain an access token for an application registered in the Azure portal. I've also added Microsoft Graph permissions and included them in the application's configuration shown in snapshot.
User's image

Also, I have added Scopes in "webApplicationInfo" element as shown in snapshot.

User's image

For local testing, I've set up the Application ID URI as "api://localhost:3000/{APP_ID}" and preauthorized the application with "ea5a67f6-b6f3-4338-b240-c655ddc3cc8e" as specified in Microsoft's documentation.
https://learn.microsoft.com/en-us/office/dev/add-ins/develop/register-sso-add-in-aad-v2

While I can successfully retrieve an access token using the Office.Auth API through below code.
User's image

Attempting to use this token to call Microsoft Graph API results in an error:

"code": "InvalidAuthenticationToken",

"message": "Access token validation failure. Invalid audience."

Please assist.

Office
Office
A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.
1,763 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,466 questions
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
4,053 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Yakun Huang-MSFT 7,280 Reputation points Microsoft Vendor
    2024-11-11T09:23:20.1933333+00:00

    Hello Suraj Sinha,

    Thank you for reaching out to Microsoft Support!

    If you need access to the Graph API, use SKDs to get the token, see the documentation for details,

    And for permissions granted in Azure, click the button to grant administrator consent, as shown below:

    Screenshot 2024-11-11 092129

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.