I've followed the instructions the best I can for configuring the SharePoint Spoke but there are some differences I as a developer aren't allowed to do that the configuration expects. We aren't allowed to just select Sites.FullControl and Sites.ReadAll in the online configuration. We are only allowed to connect directly to the site we need access to so Sites.Selected. When I go to my Credential record the configuration gets a valid OAuth token. When I make a call in Flow Designer I get an error for "Invalid Authorization Token". If you open the responseHeaders there is an error for "Invalid audience Uri". I have the aud record URL set to the same URL as the Token URL in the Application Registry record. "https://login.microsoftonline.us/<directory (tenant) id>/oauth2/token"
Any ideas how to fix this error or if the SharePoint Online Spoke is even able to communicate to SPO this way?
I'm on a government instance so we use the .us domain.
