diff --git a/pkg/spamasaurusrex/main.go b/pkg/spamasaurusrex/main.go
index c583d8b..013bf59 100644
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -22,8 +22,9 @@ import (
 func handler(w http.ResponseWriter, r *http.Request) {
 	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
 	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
-	// redirectURI := "https://alias.spamasaurus.com/"
+	redirectURI := "https://alias.spamasaurus.com/"
 	scopes := []string{"user.read"}
+	queryParams := r.URL.Query()
 
 	ctx := context.Background()
 
@@ -32,7 +33,6 @@ func handler(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		// TODO: handle error
 	}
-
 	confidentialClient, err := confidential.New("https://login.microsoftonline.com/"+tenantId, clientId, cred)
 	if err != nil {
 		// TODO: handle error
@@ -41,7 +41,8 @@ func handler(w http.ResponseWriter, r *http.Request) {
 	result, err := confidentialClient.AcquireTokenSilent(ctx, scopes)
 	if err != nil {
 		// cache miss, authenticate with another AcquireToken... method
-		result, err = confidentialClient.AcquireTokenByCredential(ctx, scopes)
+		// result, err = confidentialClient.AcquireTokenByCredential(ctx, scopes)
+		result, err = confidentialClient.AcquireTokenByAuthCode(ctx, queryParams["code"][0], redirectURI, scopes)
 		if err != nil {
 			// TODO: handle error
 		}