Hi Amit,

The solution described in this document applies for Authorization Code Flow and Implicit Grant Flow of OpenID which are based on user consent. Hence they work with Azure Delegated Permissions and don’t need Application permissions.

What you are trying to implement is Client Credentials Flow which is machine-to-machine based. I have not done this with Azure but I quickly attempted it with my AD and got the same error as you (invalid scope). But the same request against the v1.0 endpoint (just remove the v2.0 in the token endpoint), I got back an access token. Refer to this section of Azure documentation for more info https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow

Good luck!