python_clientcred icon indicating copy to clipboard operation
python_clientcred copied to clipboard
Published 5 years ago verified publisher icon jasonjoh

Getting AADSTS650057: Invalid resource Issue

Open devu63 opened this issue 6 years ago • 0 comments

Dear Team,

I followed the steps mentioned in README.md file and got the following issue.

"AADSTS650057: Invalid resource. The client has requested access to a resource which is not listed in the requested permissions in the client's application registration. Client app ID: b9066a87-c0b2-4401-b400-d705e5dc2bfd(EmailBackup-16-sep-2019). Resource value from request: https://outlook.office365.com/. Resource app ID: 00000002-0000-0ff1-ce00-000000000000. List of valid resources from app registration: 00000003-0000-0000-c000-000000000000."

I do followed the couple of steps from search and that didn't helped me out. So I have the following queries, could you please look into these queries and let me know the step, where I am doing the mistake. 1) From https://github.com/jasonjoh/python_clientcred link, I got the steps to configure an X509 certificate for my sample application. I preferred to use openssl, hence followed the steps given at https://gist.github.com/carlopires/de085999dc69a13efe60 link for step 7 mentioned at https://github.com/jasonjoh/python_clientcred link. Following are the commands I used:

To generate the certificate with openssl: openssl genrsa 2048 > o365app.key openssl req -new -x509 -nodes -sha512 -days 365 -key o365app.key > o365app.crt

To generate key credentials for MS Azure: python gen_key_credentials.py o365app.crt

Step 8 at https://github.com/jasonjoh/python_clientcred link is as mentioned below. Extract the private key in RSA format from your certificate and save it to a PEM file. (I used OpenSSL to do this). openssl pkcs12 -in <path to PFX file> -nodes -nocerts -passin pass: | openssl rsa -out appcert.pem

As per step 8, I need <path to PFX file> to generate appcert.pem file.

Could you please let me know the steps to generate PFX file that needs to be used in above steps?

  1. App Registration steps mentioned at the following link differs from the steps that I can see in my azure portal.

https://github.com/jasonjoh/office365-azure-guides/blob/master/RegisterAnAppInAzure.md So could you please let me know the latest and valid steps to follow?

  1. Since steps to do app registration is deviating, what I need to fill at APP ID URI in azure portal?

  2. Should I need to upload Certificates file to Certificates & secrets path in azure portal?

  3. What are the other extra options I need to enable in azure app portal?

Please let me know, if you need any further information.

With Regards, Devaraj

devu63 avatar Sep 16 '19 11:09 devu63