AADST900561 The endpoint only accepts POST requests. Received a GET request.

Hello @Carol Gauci , hope you are doing great! Thanks for reaching out to us.

So, what do AADSTS90056 (and AADSTS900561) errors mean?

This is one of the error codes returned by Azure AD Security Token Service. Microsoft explains this error as:

BadResourceRequest – To redeem the code for an access token, the app should send a POST request to the /token endpoint. Also, prior to this, you should provide an authorization code and send it in the POST request to the /token endpoint.

Refer to this article for an overview of OAuth 2.0 authorization code flow: https://video2.skills-academy.com/azure/active-directory/develop/active-directory-protocols-oauth-code. Direct the user to the /authorize endpoint, which will return an authorization_code. By posting a request to the /token endpoint, the user gets the access token.

Source: https://video2.skills-academy.com/en-us/azure/active-directory/develop/reference-aadsts-error-codes

How to fix AADSTS90056 in your browser?

• Navigate to this link in Google Chrome: chrome://settings/content/cookies
• Unselect “Block third-party cookies” (see below)
• If this still didn’t help, clear cookies like shown here: How to log in to Microsoft’s websites (MSDN forums, Azure Portal, SharePoint Online) when you get a “Bad Request” error?

Note that some browsers might do this by default.

Reference: Resolving error AADSTS90056

Let me know if this answers your question.

--------
Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.