I'm making a call to the oauth2 authorization code endpoint, but the response I'm getting is malformed. My request:
https://login.microsoftonline.com/{tenant}/oauth2/authorize?response_type=code&redirect_uri=http%3A%2F%2Fmy.domain.net&client_id={client_id}&state=48ica28em2bhj0mfgckod36eg6The response I get is:
&code={AUTH_CODE}&session_statee12e8e52-1152-445f-9b30-d34455b12fd6(I've edited the code response to keep it private)
Notice the missing "=" after the session_state variable, making it unreadable. Also, the response is missing the state variable I passed along with the request. Is this something I'm doing wrong, or is this a bug on Azure's end?