I'm attempting to use the OneNote REST API. In order to test the features, I'm tyring to use Postman REST Client.

I am using Postman's built in OAuth 2.0 flow with the following parameters:

Authorization URL: https://login.live.com/oauth20_authorize.srf
Access Token URL: https://login.live.com/oauth20_token.srf
Client ID: CLIENT_ID
Client Secret: CLIENT_SECRET
Scope (Optional): wl.signin%20wl.basic

Below you can see the setup I am using for the MS App Dashboard.

I am able to get the token, but when I attempt to call a REST API endpoint, the API returns "401 unauthorized".

Is there something I'm missing here? I think the scope is right, and the space character is properly escaped. Thanks in advance.

I did some more research into the scopes and found this

Looks like I needed to use wl.signin%20office.onenote%20office.onenote_create to get sign in, basic features, and write features.

I'll leave this post up here so anyone else trying to figure this out can save a few hours!

This looks correct, thanks for posting this. The scopes are important and must be correct so the user knows what they are allowing the app to access.