3

I have a web app using Azure B2C for authentication. I have 3 APIs which are called by the web app via an Ocelot gateway using HttpClient. After authentication, when a request is made to an API via the gateway, the request is made to the specific API and the required response is served. However, while reading the response, an exception is thrown at the line below:

var result = await response.Content.ReadAsStringAsync();

IDX10214: Audience validation failed. Audiences: '[PII is hidden]'. Did not match: validationParameters.ValidAudience: '[PII is hidden]' or validationParameters.ValidAudiences: '[PII is hidden]'.

I have tested the API individually using Postman and it works.

I have the code configured for each client similar to the code below:

services.AddHttpClient<IApiClient, ApiClient>()
    .AddHttpMessageHandler<AccessTokenHandler>()
    .AddHttpMessageHandler<ValidateHeaderHandler>()
    .AddTransientHttpErrorPolicy(policyBuilder => policyBuilder.RetryAsync(2))
    .AddTransientHttpErrorPolicy(policyBuilder => policyBuilder.CircuitBreakerAsync(
        handledEventsAllowedBeforeBreaking: 2,
        durationOfBreak: TimeSpan.FromMinutes(1)));
Mady

1 Answer

2

You can try:

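// IdentityModelEventSource lives in the Microsoft.IdentityModel.Logging namespace.
if (env.IsDevelopment())
{
    // Log the actual audience values instead of "[PII is hidden]" (development only).
    IdentityModelEventSource.ShowPII = true;
}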

Also, you may want to add authorization as this isn't included by default.

Marilee Turscak - MSFT
  • 2
    It did not help me; I'm still receiving the AuthenticationFailed error message. I'm failing to understand why, and who is authenticating the response on the client side when the API is sending the response without complaining. – Mady Jan 04 '20 at 05:18
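
A way to inspect the values that IDX10214 compares, as an added example that is not part of the original question or answer: it decodes a token's `aud` claim without verifying the signature (diagnosis only) and checks it against the audiences configured at each component that validates tokens. The token, the GUIDs, and the component labels `gateway` and `api` are constructed placeholders, and the exact ordinal comparison is a simplification of the real validator.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

public static class AudienceCheck
{
    // Reads "aud" from the payload. No signature check: use for diagnosis, never for authorization.
    // Per RFC 7519 the claim is either a single string or an array of strings.
    public static IReadOnlyList<string> ReadAudiences(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Expected header.payload.signature");
        var json = Encoding.UTF8.GetString(Base64UrlDecode(parts[1]));
        using var doc = JsonDocument.Parse(json);
        if (!doc.RootElement.TryGetProperty("aud", out var aud)) return Array.Empty<string>();
        return aud.ValueKind == JsonValueKind.Array
            ? aud.EnumerateArray().Select(a => a.GetString() ?? "").ToList()
            : new List<string> { aud.GetString() ?? "" };
    }

    // Exact, case-sensitive match (simplified stand-in for the middleware's audience validation).
    public static bool Matches(IEnumerable<string> tokenAud, IEnumerable<string> valid) =>
        tokenAud.Any(a => valid.Contains(a, StringComparer.Ordinal));

    static byte[] Base64UrlDecode(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    static string B64Url(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    public static void Main()
    {
        // Constructed sample token: placeholder audience GUID and a dummy signature segment.
        var token = B64Url("{\"alg\":\"RS256\",\"typ\":\"JWT\"}") + "."
                  + B64Url("{\"aud\":\"11111111-1111-1111-1111-111111111111\"}") + ".sig";
        // Hypothetical ValidAudience settings for each component that validates the token.
        var configured = new Dictionary<string, string[]>
        {
            ["gateway"] = new[] { "22222222-2222-2222-2222-222222222222" },
            ["api"]     = new[] { "11111111-1111-1111-1111-111111111111" },
        };
        var audiences = ReadAudiences(token);
        Console.WriteLine("token aud: " + string.Join(", ", audiences));
        foreach (var (name, valid) in configured)
            Console.WriteLine($"{name}: {(Matches(audiences, valid) ? "match" : "MISMATCH")}");
    }
}
```

Any component reported as MISMATCH is one whose configured audience would reject the token with an audience validation failure.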