The idea is to add a new flag --decoded to the util accesstoken get command. By doing this, the access token is returned to the user in a decoded way exposing all the info contained in the access token.
This can save some copy/pasting to jwt.ms or jwt.io.
Example:
m365 util accesstoken get --resource sharepoint --decoded
Output:
{
"typ": "JWT",
"nonce": "aNWsFcJSZqylHThLpfMP7s8CPIHYLWh2azQ4wm-zceE",
"alg": "RS256",
"x5t": "JDNa_4i4r7FgigL3sHIlI3xV-IU",
"kid": "JDNa_4i4r7FgigL3sHIlI3xV-IU"
}.{
"aud": "00000003-0000-0ff1-ce00-000000000000",
"iss": "https://sts.windows.net/019d400d-2164-4b72-8769-d94d34aae37c/",
"iat": 1741942701,
"nbf": 1741942701,
"exp": 1741946601,
"aio": "k2RgYOiOO/5fsv5ufFHJhqCjswPsAQ==",
"app_displayname": "My app registration",
"appid": "01ddcdfd-c20d-4c05-b785-7085d141c195",
"appidacr": "2",
"idp": "https://sts.windows.net/019d400d-2164-4b72-8769-d94d34aae37c/",
"idtyp": "app",
"oid": "ab3ba4cb-00c8-4736-b73d-68debf671124",
"rh": "1.AV4AF4jFGMk7nUisY_cmT7NX5QMAAAAAAPEPzgAAAAAAAAARAQBeAA.",
"roles": [
"Sites.ReadWrite.All"
],
"sid": "864697ae-8bd7-4d6b-a0da-fe6a639d1573",
"sub": "90b404ac-eb23-4f43-bf0a-df533e0c1a7d",
"tid": "a5d4f39c-c227-481f-b5cb-f578604f7d8a",
"uti": "wXUKd89ekECZWnmTUySdAA",
"ver": "1.0",
"xms_ftd": "8q2CmCdoqE3L2zerp3-anrVQnjKFEYGJFVcjqpIPUFg",
"xms_idrel": "2 7",
"xms_pftexp": 1742033001
}.[Signature]
The idea is to add a new flag
--decodedto theutil accesstoken getcommand. By doing this, the access token is returned to the user in a decoded way exposing all the info contained in the access token.This can save some copy/pasting to jwt.ms or jwt.io.
Example:
Output:
{ "typ": "JWT", "nonce": "aNWsFcJSZqylHThLpfMP7s8CPIHYLWh2azQ4wm-zceE", "alg": "RS256", "x5t": "JDNa_4i4r7FgigL3sHIlI3xV-IU", "kid": "JDNa_4i4r7FgigL3sHIlI3xV-IU" }.{ "aud": "00000003-0000-0ff1-ce00-000000000000", "iss": "https://sts.windows.net/019d400d-2164-4b72-8769-d94d34aae37c/", "iat": 1741942701, "nbf": 1741942701, "exp": 1741946601, "aio": "k2RgYOiOO/5fsv5ufFHJhqCjswPsAQ==", "app_displayname": "My app registration", "appid": "01ddcdfd-c20d-4c05-b785-7085d141c195", "appidacr": "2", "idp": "https://sts.windows.net/019d400d-2164-4b72-8769-d94d34aae37c/", "idtyp": "app", "oid": "ab3ba4cb-00c8-4736-b73d-68debf671124", "rh": "1.AV4AF4jFGMk7nUisY_cmT7NX5QMAAAAAAPEPzgAAAAAAAAARAQBeAA.", "roles": [ "Sites.ReadWrite.All" ], "sid": "864697ae-8bd7-4d6b-a0da-fe6a639d1573", "sub": "90b404ac-eb23-4f43-bf0a-df533e0c1a7d", "tid": "a5d4f39c-c227-481f-b5cb-f578604f7d8a", "uti": "wXUKd89ekECZWnmTUySdAA", "ver": "1.0", "xms_ftd": "8q2CmCdoqE3L2zerp3-anrVQnjKFEYGJFVcjqpIPUFg", "xms_idrel": "2 7", "xms_pftexp": 1742033001 }.[Signature]