I'm at a loss:
I am trying to obtain an authorization token for VSTS using oAuth 2, but for some reason, I fall short every single time.
I first created an APP over at apps.dev.microsoft.com . The app was created as an Azure AD Only application since the VSTS account is bound to our tenant.
Second, I went to the Azure portal, and added required permissions, chose Microsoft Visual STudio Team Services, checked "Have full access to Visual Studio Team SErvices REST API's", saved and granted.
Next, I wrote a quick javascript to sign in the user to obtain an Authorization token. I am writing an extension for Microsoft Teams, and plan to use it there.
The script looks like so:
let state = _guid();
localStorage.setItem("simple.state", state);
localStorage.removeItem("simple.error");
let vstsQueryParams = {
client_id: "[MY APP ID]",
response_type: "Assertion",
state: state,
scope: "vso.work vso.work_write",
redirect_uri: encodeURIComponent("[MY REDIRECT URI]")
};
let vstsAuth = "https://app.vssps.visualstudio.com/oauth2/authorize?" + toQueryString(vstsQueryParams);
window.location.assign(vstsAuth);
When I execute this, instead of getting a 200, I get a 203 Non-Authoritative information result with the message:
Microsoft Internet Explorer's Enhanced Security Configuration is currently enabled on your environment. This enhanced level of security prevents our web integration experiences from displaying or performing correctly. To continue with your operation please disable this configuration or contact your administrator.
This message, according to multiple searches on google, is off by a mile. This should have nothing to do with IEES.
In Postman, I get exactly the same result. I've gone over my parameters over and over, checking for casing and spelling errors, but see nothing wrong.
Can anyone help me shed some light on this, and maybe, through reading what I've done so far, indicate if my thinking or flow is wrong?