How to secure Web API with passport-azure-ad (/w vue-msal)

I want to secure Web API with passport-azure-ad and use bearerStrategy. I follow the example the module has provided and pass metadata and clientId, I always got 401 unauthorized. Here is my configs of passport-azure-ad I provided authorization request header with the access token generated by vue-msal. I also checked the access token’s signature is not valid as well. In addition, I used ID token instead but still 401 unauthorized. In portal /AAD /App registration, I’ve enabled both of implicit grant flowã€accessTokenAcceptedVersion: 2ã€granted admin consent for my subscription in API permissions What else did I missed ? Answer In your