Azure authentication Audience validation failed

I’m afraid the issue comes from the authentication configuration in Startup. Please allow me to show my code snippets to explain it.

In my opinion, you could use services.AddMicrosoftIdentityWebApiAuthentication(Configuration); instead. And you should expose the API correctly.

For the steps to expose an API, you can follow the documentation. What I want to repeat here is that when you acquire an access token, it must be requested with a scope like api://clientid_of_the_app_exposed_api/tiny/User.Read, so that the token's audience matches the Audience configured in appsettings.json.

My React code, which is based on this sample:

import { AuthenticatedTemplate, UnauthenticatedTemplate, useMsal } from "@azure/msal-react";  
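// Calls the protected Web API, sending the MSAL-issued access token as a bearer
// credential in the Authorization header. The token itself is never logged.
// Returns the fetch promise chain so callers can await or chain on it.
const callApi = (accessToken) => {
    const headers = new Headers();
    headers.append("Authorization", `Bearer ${accessToken}`);

    const options = {
        method: "GET",
        headers: headers
    };

    return fetch("https://localhost:44341/api/home", options)
        .then(response => {
            // A non-2xx status (typically 401) means the API rejected the token,
            // e.g. because its audience or scope did not match the server-side
            // AzureAd settings; surface that instead of treating it as success.
            if (!response.ok) {
                throw new Error(`API call failed with status ${response.status}`);
            }
            // response.json() is itself a promise; return it so the parsed body,
            // not a pending Promise object, reaches the next handler.
            return response.json();
        })
        .then(data => {
            console.log(data);
            return data;
        })
        .catch(error => console.log(error));
};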
    
        const ProfileContent = () => {
            const { instance , accounts} = useMsal();
            const [graphData, setGraphData] = useState(null);
            const loginRequest = {"scopes": ["api://clientid_of_the_app_exposed_api/tiny/User.Read"]};
        
            function RequestProfileData() {
                instance.acquireTokenSilent({
                    ...loginRequest,
                    account: accounts[0]
                }).then((response) => {
                    callApi(response.accessToken);
                });
            }
        

My ConfigureServices in the Startup file, based on this document:

/// <summary>
/// Registers CORS, Microsoft Identity Web (Azure AD) JWT bearer authentication and MVC controllers.
/// The bearer handler is configured from the "AzureAd" configuration section, so the
/// Audience value there is what an incoming token's audience is expected to match.
/// </summary>
/// <param name="services">The application's service collection.</param>
public void ConfigureServices(IServiceCollection services)
{
    // NOTE(review): this policy accepts any origin, method and header. Acceptable for
    // local testing of a bearer-token API; narrow it to the SPA's origin before deploying.
    services.AddCors(options =>
        options.AddPolicy("MyPolicy", policy =>
            policy.AllowAnyOrigin()
                  .AllowAnyMethod()
                  .AllowAnyHeader()));

    // Binds the "AzureAd" section and adds JWT bearer authentication for the API.
    services.AddMicrosoftIdentityWebApiAuthentication(Configuration);

    services.AddControllers();
}

My appsettings.json:

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*",
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "ClientId": "clientid_which_have_api_permission",
    "Domain": "tenantname.onmicrosoft.com",
    "TenantId": "common",
    "Audience": "clientid_of_the_app_exposed_api"
  }
}

My controller:

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web.Resource;
using System.Collections.Generic;

namespace WebApplication1.Controllers
{
    /// <summary>
    /// Protected resource for the React sample. Every action requires a valid bearer token
    /// (<see cref="AuthorizeAttribute"/>), and <c>Get</c> additionally requires the token to
    /// carry the <c>User.Read</c> scope, which is the scope name the client requests.
    /// </summary>
    [Route("api/[controller]")]
    [ApiController]
    [Authorize]
    public class HomeController : ControllerBase
    {
        /// <summary>Returns a fixed pair of strings; exists only to show the token was accepted.</summary>
        /// <returns>The values <c>value1</c> and <c>value2</c>.</returns>
        [HttpGet]
        [RequiredScope("User.Read")] // checked against the token's scope claim, not the full api:// URI
        public ActionResult<IEnumerable<string>> Get()
        {
            string[] values = { "value1", "value2" };
            return values;
        }
    }
}

