Quick steps to generate Microsoft device codes for testing purposes.
You can test the Microsoft device code flow manually without the need of installing any powershell modules.
- Open a Powershell prompt
- Run below command:
$device = curl -s -X POST `
-H "Content-Type: application/x-www-form-urlencoded" `
-d "client_id=04b07795-8ddb-461a-bbee-02f9e1bf7b46&scope=https://graph.microsoft.com/.default" `
"https://login.microsoftonline.com/common/oauth2/v2.0/devicecode" | ConvertFrom-Json
$device | ConvertTo-Json -Depth 10
- This results in the generation of a device code by using the client ID of Azure CLI.
- After the user authenticates using the device code it gives you an access token scoped for the Microsoft Graph API.
- Example authentication endpoint: https://microsoft.com/devicelogin
- After the user authenticated via the device code flow, run below command:
curl -s -X POST `
-H "Content-Type: application/x-www-form-urlencoded" `
-d "grant_type=urn:ietf:params:oauth:grant-type:device_code&client_id=04b07795-8ddb-461a-bbee-02f9e1bf7b46&device_code=$($device.device_code)" `
"https://login.microsoftonline.com/common/oauth2/v2.0/token" | ConvertFrom-Json | ConvertTo-Json -Depth 10
- Keep in mind to use the same Powershell session so earlier
$devicevariable can be used. - Done, the Access token can be used for additional testing purposes.
Early work by https://github.com/rvrsh3ll Author of TokenTactics.