Hi guys,
I am trying to develop a Daemon / Server application using the new Office 365 APIs. I have added a new application to Azure Active Directory. I am using cURL + the app ID and secret to get a JWT token; this is the exact request:
curl -X POST https://login.windows.net/TENANT_KEY/oauth2/token \
  -F redirect_uri=http://spreadyDaemon \
  -F grant_type=client_credentials \
  -F resource=https://outlook.office365.com/ \
  -F client_id=XXXX \
  -F client_secret=XXXX=
I get back a JWT; however, it has no scopes for access set. Here are the decoded JWT claims:
{
  "ver": "1.0",
  "aud": "https://outlook.office365.com/",
  "iss": "https://sts.windows.net/TENANT_KEY/",
  "oid": "17fa33ae-a0e9-4292-96ea-24ce8f11df21",
  "idp": "https://sts.windows.net/TENANT_KEY/",
  "appidacr": "1",
  "exp": 1415986833,
  "appid": "XXXX",
  "tid": "e625eb3f-ef77-4c02-8010-c591d78b6c5f",
  "iat": 1415982933,
  "nbf": 1415982933,
  "sub": "17fa33ae-a0e9-4292-96ea-24ce8f11df21"
}
Therefore, when I do a request to the Exchange API endpoint, I get the following response:
HTTP/1.1 401 Unauthorized
Cache-Control: private
Server: Microsoft-IIS/8.0
request-id: d08d01a8-7213-4a13-a598-08362b4dfa70
Set-Cookie: ClientId=WDALDNO0CAIOOZDZWTA; expires=Sat, 14-Nov-2015 16:40:59 GMT; path=/; HttpOnly
X-CalculatedBETarget: am3pr01mb0662.eurprd01.prod.exchangelabs.com
x-ms-diagnostics: 2000001;reason="The token has invalid value 'roles' for the claim type ''.";error_category="invalid_token"
X-DiagInfo: AM3PR01MB0662
X-BEServer: AM3PR01MB0662
X-AspNet-Version: 4.0.30319
Set-Cookie: exchangecookie=6bf68da033684824af21af3b0cdea6e3; expires=Sat, 14-Nov-2015 16:40:59 GMT; path=/; HttpOnly
Set-Cookie: X-BackEndCookie2=OrganizationAnchor@Fitzdares.onmicrosoft.com=u56Lnp2ejJqBz82am8zJx8zSzcmey9LLyZrI0p6cmp3SycjLm8eazcjIy83IgbmWi4Wbno2ajNGQkZKWnI2QjJCZi9GckJKBzc/Oy9LOzdLOy6vOycXLz8XKxoGaio2PjZvPztGPjZCb0ZqHnJeekZiak56djNGckJI=; expires=Sun, 14-Dec-2014 16:40:59 GMT; path=/EWS; secure; HttpOnly
Set-Cookie: X-BackEndCookie=OrganizationAnchor@Fitzdares.onmicrosoft.com=u56Lnp2ejJqBz82am8zJx8zSzcmey9LLyZrI0p6cmp3SycjLm8eazcjIy83IgbmWi4Wbno2ajNGQkZKWnI2QjJCZi9GckJKBzc/Oy9LOzdLOy6vOycXLz8XKxg==; expires=Sun, 14-Dec-2014 16:40:59 GMT; path=/EWS; secure; HttpOnly
X-Powered-By: ASP.NET
X-FEServer: DB4PR02CA0026
WWW-Authenticate: Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", authorization_uri="https://login.windows.net/common/oauth2/authorize", error="invalid_token",Basic Realm="",Basic Realm=""
Date: Fri, 14 Nov 2014 16:40:59 GMT
Content-Length: 0
I have asked a Stack Overflow question here: http://stackoverflow.com/questions/26950838/office-365-api-error-the-token-has-invalid-value-roles-for-the-claim-type
Any help on the matter will be hugely appreciated, thanks!
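
An added example, not part of the original post: a small Python helper that decodes an access token's payload and reports the three things the post's claims and 401 turn on, namely the audience, the permission claims (`roles` for application permissions, `scp` for delegated ones) and how the client authenticated (`appidacr`). The function names are hypothetical, the sample token is constructed from the claims shown above with the post's placeholders, and the signature is deliberately not verified because this is for diagnosis only.

```python
import base64
import json

# Constructed sample: the claims shown in the post, placeholders kept as-is.
SAMPLE_CLAIMS = {
    "ver": "1.0",
    "aud": "https://outlook.office365.com/",
    "iss": "https://sts.windows.net/TENANT_KEY/",
    "appidacr": "1",
    "appid": "XXXX",
    "exp": 1415986833,
    "nbf": 1415982933,
}

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    header = {"typ": "JWT", "alg": "none"}
    return ".".join([_b64url(json.dumps(header).encode()),
                     _b64url(json.dumps(claims).encode()), "sig"])

def decode_claims(token: str) -> dict:
    """Decode the payload only. No signature check: diagnosis, not validation."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1]
    # JWT segments drop base64 padding; restore it before decoding.
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def summarize(claims: dict, resource: str) -> dict:
    """Report what the resource API will see in the token."""
    roles = claims.get("roles") or []            # application permissions (list)
    scopes = (claims.get("scp") or "").split()   # delegated permissions (string)
    auth = {"0": "public client", "1": "client secret", "2": "certificate"}
    return {
        "audience_matches": claims.get("aud") == resource,
        "permissions": list(roles) + scopes,
        "client_auth": auth.get(claims.get("appidacr"), "unknown"),
    }

if __name__ == "__main__":
    token = make_sample_token(SAMPLE_CLAIMS)
    print(summarize(decode_claims(token), "https://outlook.office365.com/"))
```

For the claims in the post, the summary shows a matching audience, an empty permission list and a client authenticated with a secret.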