Oliver/gmal-scope-builder
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
gmal-scope-builder/backend/app/middleware
History
Exact
Vadym Samoilenko b7db37828b Fix 401: send ID token instead of Graph access token 
Access tokens for User.Read scope have audience=graph.microsoft.com,
but the backend validates audience=CLIENT_ID. ID tokens always have
audience=CLIENT_ID so they validate correctly.

Also add upn claim fallback for email extraction from ID token.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-30 11:16:44 +01:00
..
__init__.py Add Azure SSO + production deployment config 2026-03-28 18:51:18 +00:00
auth.py Fix 401: send ID token instead of Graph access token 2026-03-30 11:16:44 +01:00