How to use Oauth with PKCE for outlook.com RRS feed

  • Question

  • Hi team,

    I am trying to configure an outlook.com account with OAuth. I am able to configure if I use client id and client secret. But I want to use PKCE instead of using client secret. When I use AppAuth library with PKCE for the same end points then it doesn't work. Am I supposed to use some different endpoints for authentication or is there other configuration required for this?

    Can you please help?

    Tuesday, March 12, 2019 7:17 AM


All replies

  • This forum is for questions and discussions about the TechNet Wiki. I would ask here:


    Edit: Does this document help?


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Tuesday, March 12, 2019 12:58 PM
  • For outlook.com I'd ask for help over here.




    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Tuesday, March 12, 2019 1:32 PM
  • Hey Richard,

    Thank you for quick reply. Yes, this is what I want to implement as mentioned in the document.

    But I see below error after entering email address and password in the WebView for authorization:

    "Sign in Sorry, but we’re having trouble signing you in. AADSTS50020: User account ‘bob1bob098@outlook.com’ from identity provider ‘live.com’ does not exist in tenant ‘bob’ and cannot access the application (TestApp) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account."

    After registering the application, I provided "Microsoft Graph" permissions to the app. Do you have any idea on what I am missing here?

    Thanks in advance!

    Thursday, March 14, 2019 8:45 AM