OAuth2 Authentication issues RRS feed

  • Question

  • Hi All,

    I’m trying to request an OAuth2 token from ADFS using this guide.

    OAuth2 Example

    This works fine on my development machine which uses its own AD, however on our production AD I am having issues.

    I send my first GET request to retrieve the authorization code using the following format-


    This quite happily returns an authorization code in the query string of the redirect uri.

    Next I do my POST request to retrieve the token using the following details…




    content-type: application/x-www-form-urlencoded



    This works fine on the dev AD and returns an access token, but on our corporate AD returns the following…

    {"error":"invalid_grant","error_description":"MSIS9612: The authorization code received in 'code' parameter is invalid. "}

    Even though the code I send is the one I just received from the GET request. I did notice that the authorization request always returns a different code for the same user, is this correct? Because of this I thought it maybe that the code was invalidated as soon as I retrieved it.

    Any help greatly appreciated.



    Tuesday, June 21, 2016 1:20 PM

All replies

  • This is ADFS 3.0?

    You have two AD so you must have two ADFS.

    Is the RP configured the same on both?

    Same grants etc.?

    Have you compared the users on each AD?

    Both the same?

    Both have the same attributes e.g. UPN, name etc.?

    Tuesday, June 21, 2016 7:11 PM
  • How you solved this issue? I am having the same issue {"error":"invalid_grant","error_description":"MSIS9612: The authorization code received in 'code' parameter is invalid. "}
    Thursday, December 27, 2018 4:07 AM