How to get the Access Token using Azure AD Authentication with AuthSession?

I need to be able to call the Azure Devops Rest API to create new work items for the core functionality of this app.

I’ve registered my App in Azure Active Directory and added the Expo Auth proxy as a valid redirect URL, and that’s all working. I can click the login button, open the web browser and authenticate. The response is structured like:

  "authentication": null,
  "error": null,
  "errorCode": null,
  "params": {
    "code": "<code>",
    "session_state": "<session_state>",
    "state": "<state>",
  "type": "success",
  "url": "exp://<code>&state=<state>&session_state=<session_state>",

I don’t recognize the code format (it’s not jwt), and have been unable to get an access token as described in this post from last year: Azure AD Authentication with react native expo, can't get the access token

When I’ve copied the useEffect() block and added logging inside the async block, nothing gets logged.

I want to be able to have users log in using their microsoft account and then call the DevOps api on behalf of a user. However I can make that happen (without a PAT) is fine for me.

Here’s my code below, basically copied from the above forum post and the expo docs here: Authentication - Expo Documentation

  const discovery = AuthSession.useAutoDiscovery('')
  // const discovery = AuthSession.useAutoDiscovery('')

  const [request, response, promptAsync] = AuthSession.useAuthRequest(
      clientId: 'd794e955-72f7-4349-990c-f08071ddeef3',
      scopes: ['openid', 'profile', 'email', 'offline_access'], // check scopes in devops oauth docs
      redirectUri: AuthSession.makeRedirectUri({
        useProxy: true


  useEffect(() => {
    if (response !== null && response.type && response.type === "success") {
      (async () => {
        console.log("attempting to get access token");
        let tokenRes: AuthSession.TokenResponse = await AuthSession.exchangeCodeAsync({
          clientId: 'd794e955-72f7-4349-990c-f08071ddeef3',
          code: response.params.code,
          redirectUri: '',
          extraParams: {
            code_verifier: request?.codeVerifier || "",
        if (tokenRes.accessToken && tokenRes.accessToken !== null && tokenRes.accessToken !== "") {
          let decoded: any = jwt_decode(tokenRes.accessToken);
  }, [response])

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.