Noticed when doing a personal project with Yggdrasil auth that, despite the session server still accepting tokens you create with the Mojang auth endpoint for non-migrated accounts, all endpoints on "http://api.minecraftservices.com" don't accept it as a valid token and return a 403. You can still login to servers with these accounts, but endpoints such as "https://api.minecraftservices.com/minecraft/profile" fail to return any data which does break some software that hasn't updated yet.
The endpoint appears to be referenced on the official http://Minecraft.net site by the MSAProfileStore.ts class, which makes me believe it's a bug that it's not working and not a result of the recent Microsoft migration.
Appears to be a recent thing as these endpoints were working in the last 48h from my testing. Generated a fresh access token and ensured it was valid to verify this using the validation endpoint with a non-fixed client token.
Attachments
Comments 4
Correct, I'm testing with an unmigrated account. What's more confusing to me was the mixed messages it was giving me, since I'm still able to play on servers despite the account being unmigrated since the session server accepts it as a valid token, yet another endpoint doesn't. Not sure if the intended behavior is to fully block or fully allow and just block Mojang login via launcher since it's doing a bit of both currently.
Thank you for your report!
However, this issue has been temporarily closed as Awaiting Response.
Could you please confirm if the reported issue still occurs for you?
This ticket will automatically reopen when you reply.
Quick Links:
📓 Issue Guidelines – 💬 Mojang Support – 📓 Project Summary – 📧 Suggestions – 📖 Minecraft Wiki
If the account in question is required to migrate then it is intended behavior to not be able to fetch profile data. I assume you are testing with one of these accounts?