private async Task <IActionResult> AcquireAccessTokenBySsoToken(PostTokenRequestBody body) { string[] scopes = body.scope.Split(' '); var ssoToken = GetJwtBearerTokenFromRequest(); // Do not get from cache temporary due to MSAL scope matching issue when cached token contains .default scope //var token = await _authHandler.AcquireTokenBySsoToken(User, ssoToken, scopes).ConfigureAwait(false); var token = await _authHandler.AcquireTokenBySsoTokenOnBehalfOf(ssoToken, scopes).ConfigureAwait(false); return(Ok(new PostTokenResponse { access_token = token.AccessToken, scope = string.Join(' ', token.Scopes), expires_on = token.ExpiresOn })); }