Oauth 無法取得 access token

以下是我 APP 的設定

Web Redirect URL:

• http://localhost/login/token

Single Redirect URL:

• http://localhost/login/token

Implicit grant and hybrid flows

• Access tokens (used for implicit flows)
• ID tokens (used for implicit and hybrid flows)

Supported account types

• Accounts in this organizational directory only

我使用以下 url 嘗試取得 authorization_code :

https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/authorize?

client_id={{ClientID}}&

response_type=id_token&

redirect_uri=http%3A%2F%2Flocalhost%2Flogin%2Ftoken&

scope=openid&

response_mode=form_post&

nonce=678910  

以上 url 可以正常得到 authorization_code

接著我嘗試執行以下 request （Body 是為了方便閱讀才換行的）

URL: https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token

Method: POST

Header: Content-type: application/x-www-form-urlencoded

Body:
  client_id={{ClientID}}&
  client_secret={{ClientSecret}}&

  scope=openid&

  code={{authorization_code}}&

  grant_type=authorization_code

  redirect_uri=http%3A%2F%2Flocalhost%2Flogin%2Ftoken

但是卻回傳以下錯誤訊息：

{"error":"invalid_grant","error_description":"AADSTS9002313: Invalid request. Request is malformed or invalid. Trace ID: 12f61376-918d-421e-bc24-8fbeaa618300 Correlation ID: 1559c807-fcb0-4898-b656-bbb918424a95 Timestamp: 2023-12-12 07:08:47Z","error_codes":[9002313],"timestamp":"2023-12-12 07:08:47Z","trace_id":"12f61376-918d-421e-bc24-8fbeaa618300","correlation_id":"1559c807-fcb0-4898-b656-bbb918424a95","error_uri":"https://login.microsoftonline.com/error?code=9002313"}