Azure B2C - 401 unauthorised trying to read id_token in code after logging in

Journeyman1234

I am trying to use the token granted by a secured AAD domain when using my web app.

I followed the advice on this link: Retrieve Access Token within a AAD secured Azure Web App

I have managed to get as far as logging in and verifying that the ./me URL correctly shows me my token.

However, when I try to call the same token in code I get 401 Unauthorised.

I have been using the Resource Explorer to configure the additionalLoginParams and have tried to put the app ID as well as the graph URL, but nothing has solved the problem.

    // Requires: using System.Net.Http; using System.Threading.Tasks; using Newtonsoft.Json;
    public async Task<string> GetToken()
    {
        HttpClient _client = new HttpClient();

        string _token = "";

        // This request carries no session cookie or Authorization header
        HttpResponseMessage response = await _client.GetAsync("https://alfreton.azurewebsites.net/.auth/me");
        // Throws HttpRequestException on the 401 response
        response.EnsureSuccessStatusCode();
        string responseBody = await response.Content.ReadAsStringAsync();

        ReadUserToken readUserToken = JsonConvert.DeserializeObject<ReadUserToken>(responseBody);

        _token = readUserToken.id_token;

        return _token;
    }

EDIT: Following the advice below, the code now looks like this, but I am still getting an Unauthorized error message.

    // Requires: using System.Net.Http; using System.Net.Http.Headers;
    //           using System.Threading.Tasks; using Newtonsoft.Json;
    public async Task<string> GetToken()
    {
        HttpClient _client = new HttpClient();

        string _token = "";

        // Access token header taken from the incoming, already authenticated request
        string accessToken = this.Request.Headers["X-MS-TOKEN-AAD-ACCESS-TOKEN"];

        // Send it as the bearer token on the call to /.auth/me
        _client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
        HttpResponseMessage response = await _client.GetAsync("https://alfreton.azurewebsites.net/.auth/me");
        response.EnsureSuccessStatusCode();
        string responseBody = await response.Content.ReadAsStringAsync();

        ReadUserToken readUserToken = JsonConvert.DeserializeObject<ReadUserToken>(responseBody);

        _token = readUserToken.id_token;

        return _token;
    }

When I read through the headers, I find there is X-MS-TOKEN-AAD-ID-TOKEN - can I use that to get an access token?

Journeyman1234

OK, I figured it out. What I needed to do is get X-MS-TOKEN-AAD-ID-TOKEN from the request headers after logging in, then pass that in as the Bearer, and that in turn got me an X-MS-TOKEN-AAD-ACCESS-TOKEN which I can use for accessing the API.

Thanks loads!
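The approach described in the answer above, as an added example that is not part of the original post: the ID token from the `X-MS-TOKEN-AAD-ID-TOKEN` header is sent as the bearer token to `/.auth/me`, and the access token is read from the response. The `EasyAuthTokens` class, the `GetAccessTokenAsync` method, and the response shape (a JSON array whose entries carry an `access_token` field) are assumptions.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

// Hypothetical helper, not from the original post.
public static class EasyAuthTokens
{
    // One shared client; no per-user state is ever stored on it.
    private static readonly HttpClient Client = new HttpClient();

    // idToken: value of the X-MS-TOKEN-AAD-ID-TOKEN request header.
    // siteRoot: the app's own root, e.g. new Uri("https://alfreton.azurewebsites.net/").
    public static async Task<string> GetAccessTokenAsync(string idToken, Uri siteRoot)
    {
        if (string.IsNullOrWhiteSpace(idToken))
            throw new InvalidOperationException("No ID token header: the request is not authenticated.");
        if (siteRoot.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("Refusing to send a bearer token over a non-HTTPS URL.", nameof(siteRoot));

        using (var request = new HttpRequestMessage(HttpMethod.Get, new Uri(siteRoot, ".auth/me")))
        {
            // Set the header on this request only. Putting it on
            // DefaultRequestHeaders of a shared client would carry one
            // user's token into other users' requests.
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", idToken);

            using (HttpResponseMessage response = await Client.SendAsync(request))
            {
                if (!response.IsSuccessStatusCode)
                    throw new HttpRequestException($"/.auth/me returned {(int)response.StatusCode}");

                // Assumed response shape: a JSON array with one entry per provider,
                // each carrying id_token and, if a resource was requested, access_token.
                JArray entries = JArray.Parse(await response.Content.ReadAsStringAsync());
                string accessToken = entries
                    .Select(e => (string)e["access_token"])
                    .FirstOrDefault(t => !string.IsNullOrEmpty(t));

                // Never log token values; report only that one is missing.
                return accessToken ?? throw new InvalidOperationException(
                    "No access_token in /.auth/me response; check additionalLoginParams.");
            }
        }
    }
}
```

From a controller it would be called as `await EasyAuthTokens.GetAccessTokenAsync(Request.Headers["X-MS-TOKEN-AAD-ID-TOKEN"], siteRoot)`.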
