Valid access_token but no identity #135
Comments
|
Do you have any error in your console? I think the issue you might have is that 1) you're missing the issuer in the configuration and 2) you're missing the jwks as well, which you have to setup manually. All this is because Azure AD B2C doesn't support CORS and can't get the information straight from Head to https://login.microsoftonline.com/"tennant_id"/v2.0/.well-known/openid-configuration and, in that document :
After that, you should be good to go and it should (hopefully) work. I had success with that, but using Azure AD B2C, but it should be the same with "classic" AAD. |
|
Hi @Gimly Thank you for the replay. I do see the following error when I set Changing I tried for a day with your suggestion, but no luck. |
|
I don't have access to my code right now, but if I recall correctly, what I did was doing something like: this.oauthService.jwks = {
keys: [
{
kid: "X5eXk4xyojNFum1kl2Ytv8dlNP4-c57dO6QGTVBwaNk",
nbf: 1493763266,
use: "sig",
kty: "RSA",
e: "AQAB",
n: "tVKUtcx_n9rt5afY_2WFNvU6PlFMggCatsZ3l4RjKxH0jgdLq6CScb0P3ZGXYbPzXvmmLiWZizpb-h0qup5jznOvOr-Dhw9908584BSgC83YacjWNqEK3urxhyE2jWjwRm2N95WGgb5mzE5XmZIvkvyXnn7X8dvgFPF5QwIngGsDG8LyHuJWlaDhr_EPLMW4wHvH0zZCuRMARIJmmqiMy3VD4ftq4nS5s8vJL0pVSrkuNojtokp84AtkADCDU_BUhrc2sIgfnvZ03koCQRoZmWiHu86SuJZYkDFstVTVSR0hiXudFlfQ2rOhPlpObmku68lXw-7V-P7jwrQRFfQVXw"}
]}You can try this and if still doesn't work for you, tell me, I'll check my code and give you more info. |
|
Sorry, still no luck. I don't see any error message coming from loading jwks object. Here is my declaration: |
|
@stepsma Could you try without the quotes in the properties names? |
|
Thanks a lot, let me give a further try on this. |
|
I'm late to this party. sorry. Did it work? |
|
Thank you for the help. It still didn't work for me actually, and I later switched to ADAL. Let me explore little more using OIDC, and close two of my issues for now, thanks. |
|
@manfredsteyer, @stepsma I am having the same issue. Any luck with this. Any know resolution. I am using Angular 5. |
|
@stepsmaI I tried this library https://blogs.msdn.microsoft.com/premier_developer/2017/04/26/using-adal-with-angular2/ but with angular 5 and no luck with this either. Did you find another library that works for you. |
|
@stuartjdavies I got it to work with MSAL.js https://github.com/AzureAD/microsoft-authentication-library-for-js. You can check out this repo for a working sample https://github.com/Gimly/NetCoreAngularAzureB2CMsal. |
|
I guess I will need some time to provide an example using Azure AD as it seems to provide some challenges ... |
|
For what it's worth I managed to get it to work with Azure. It was a massive PITA though. I was already using angular-oauth2-oidc for Okta and didn't want to use another library like ADAL. @stepsma you have to have oidc = true to get identity claims. If you switch it off, angular-oauth2-oidc will not send the request for id_token!!!!!!! and
Hope it helps. I am actually thinking this might be worth writing an article/doc about it.... |
|
@Greg5ki Have you written some article about using angular-oauth2-oidc with AAD authentication yet?. It helps me if you did. I'm thinking to use this library for authentication of our app. As you mentioned I also want to use the same library for Okta and AAD. |
@mraible @Greg5ki i have tried that, but didn't work, it always makes the /certs call, and returning the cors problem. |
Hi Manfred,
I am currently trying to setup a Microsoft AAD authentication with OIDC component. I am doing trylogin() first with implicitFlow().
I am able to get valid access_token (with expiration) and use it to service API, however I am NOT able to get id token and identity claim. Both getIdentityClaims() function and getIdToken() function returns null. Could you please help take a look, whether this is normal? Thank you so much.
Following is my configuration.
The text was updated successfully, but these errors were encountered: