Comments (4)
We reverted the change to a OpenID middleware and now using Jwt against /<tenant>/v2.0
, which works so far.
Finally, I am able to call my API with MSAL 2.0 as Admin and I can request GraphSdk.Me.Request().GetAsync()
As user I get:
AADSTS65001: The user or administrator has not consented to use the application with ID '123' named 'MyApp'. Send an interactive authorization request for this user and resource.
To be honest I have right now no idea how to do that ( and no idea how to call user schema extensions ).
I got the consent question on the first admin login and on the first user login. For both I have accepted the dialog.
Our target is to have absolutely no consent questions for any user.
I know I have to configure something on the MSAL portal in the pre-auth'ed applications section.
But the documentation here is not clear, too.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Okay, another step further.
You cannot set contents to a WebAPI platform only.
An admin consent can only bet set if a reply url exists, because a reply url is required - and this is only the case for a WebApp.
So even you have a Web API you have to add a Web App box to your Azure AD 2.0 App configuration.
This absolutely misses in every documentation and also makes no sense for me.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Thanks for your feedback @BenjaminAbt
We are currently working on this documentation and associated samples
The case of the Web API is handled in another sample: https://github.com/azure-samples/active-directory-dotnet-native-aspnetcore-v2
from active-directory-aspnetcore-webapp-openidconnect-v2.
See also #24 which I just medged.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Related Issues (20)
- AADSTS500113: No reply address is registered for the application HOT 1
- System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://XXX.onmicrosoft.com/XXX_SignUp_SignIn/v2.0/.well-known/openid-configuration'. HOT 5
- [Feature Request] Update 2-WebApp-graph-user/2-3-Multi-Tenant to Graph SDK 5 HOT 1
- 1-5-B2C Returning 'Unauthorized_client' error HOT 2
- Fix graphic on 3-Web-app-multi-apis & 4-1
- Why is the secret necessary in sample 2-1-Call-MSGraph? HOT 4
- AADSTS501461 on 4-1-MyOrg HOT 2
- Please update your client sample to use Blazor Web App in .NET 8 HOT 2
- Notes: Notes.md
- [Feature Request] HOT 1
- [Azure AD B2C] AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow HOT 1
- Error when redirecting to Graph API deployed to Azure Web Apps HOT 3
- SecurityTokenSignatureKeyNotFoundException: IDX10503: Signature validation failed. HOT 1
- Querying the MS Graph as part of the OnTokenValidated fails with error that "Input id_token cannot be used as ..."
- Configure.sp1
- [Feature Request]
- Code example does not handle OData error to process the CAE challenge from Microsoft Graph. HOT 1
- mongodb HOT 1
- Required step to add owner is missing in documentation
- Revoke session/Reset password not Asking relogin even enabled CAE in WebAPP code
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from active-directory-aspnetcore-webapp-openidconnect-v2.