Azure AD B2C (NodeJS): Unauthorized 401 error for a request with a valid token

我的梦境 submitted on 2021-02-11 16:48:57

Question


I'm using Azure AD B2C for authentication for my NodeJS API. However, I keep receiving a 401 Unauthorized error by Azure AD B2C. When I add ignoreExpiration: true to my AAD auth options, I do not get a 401 Unauthorized error and my API works fine. However, once I remove the ignoreExpiration, I get the 401 Unauthorized error.

I even generated a new token, verified that it is valid (and not expired) by decoding the token using https://jwt.io/. I even made sure it has the correct scope.

The API is running on my machine for now as I'm testing it using POSTMAN. Can someone please help? Here is what my AAD options look like:

var aad_auth_options = {
    identityMetadata: process.env.AADMetadataEndpoint,
    clientID: process.env.ClientId,
    audience: process.env.AADAudience,
    isB2C: true,
    validateIssuer: false,
    loggingLevel: 'info',
    passReqToCallback: false,
    policyName: process.env.PolicyName,
    // ignoreExpiration: true, // When uncommented, the authentication works as expected!
    loggingNoPII: false
}


Answer 1:


I tried the options below, and they worked for me.

var options = {
    identityMetadata: "https://login.microsoftonline.com/" + tenantID + "/v2.0/.well-known/openid-configuration/",
    clientID: clientID,
    policyName: policyName,
    isB2C: true,
    validateIssuer: true,
    loggingLevel: 'info',
    passReqToCallback: false
};

You can pass the audience too. The repository I used for testing is mentioned below:

https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi/blob/master/index.js

Note: I used an AD B2C user flow instead of custom policies.

Can you please try and see if it works?

Hope it helps.
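
The check the asker did by hand at jwt.io, repeated against the API machine's own clock, as an added example that is not part of the original question or answer. `checkTimeClaims`, `makeSampleToken`, the 300-second tolerance and the sample token are constructed for illustration; the code only reads the time claims and does not verify the signature.

```javascript
// Added diagnostic example; function names and the sample token are constructed.
// It does NOT verify the signature: it only reads the time claims.

// Decode one base64url JWT segment into an object.
function decodeSegment(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Compare nbf/exp with the local clock (nowSec and skewSec are in seconds).
function checkTimeClaims(token, nowSec, skewSec) {
  const parts = token.split('.');
  if (parts.length !== 3) {
    return { ok: false, reason: 'malformed', detail: 'expected 3 segments' };
  }
  let claims;
  try {
    claims = decodeSegment(parts[1]);
    if (claims === null || typeof claims !== 'object') throw new Error('payload is not an object');
  } catch (err) {
    return { ok: false, reason: 'malformed', detail: err.message };
  }
  if (typeof claims.exp !== 'number') {
    return { ok: false, reason: 'missing-exp', detail: 'no numeric exp claim' };
  }
  if (typeof claims.nbf === 'number' && nowSec + skewSec < claims.nbf) {
    return { ok: false, reason: 'not-yet-valid',
             detail: `local clock is ${claims.nbf - nowSec}s behind nbf` };
  }
  if (nowSec - skewSec >= claims.exp) {
    return { ok: false, reason: 'expired',
             detail: `local clock is ${nowSec - claims.exp}s past exp` };
  }
  return { ok: true, reason: 'within-window',
           detail: `${claims.exp - nowSec}s until exp` };
}

// Build an unsigned sample token (constructed input, for the demo only).
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.sig`;
}

// Token valid from t=1000000 with a one-hour lifetime.
const sample = makeSampleToken({ nbf: 1000000, exp: 1003600 });
console.log(checkTimeClaims(sample, 1001800, 300)); // accurate clock
console.log(checkTimeClaims(sample, 1005000, 300)); // clock ahead
console.log(checkTimeClaims(sample, 998000, 300));  // clock behind
```

Calling it with the real token and `Math.floor(Date.now() / 1000)` on the machine that hosts the API shows whether the token's window and the local clock agree.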



Source: https://stackoverflow.com/questions/54878511/azure-ad-b2c-nodejs-unauthorized-401-error-for-a-request-with-a-valid-token
