
I have a React SPA that calls a Node API that in turn calls another Node API. I configured the first API to allow user1 to have access. I configured the second API to ONLY allow the first API to access it. When user1 clicks the button to make the call to the API, using the code below, I get this error:

AADSTS700051: response_type 'token' is not enabled for the application.

Code:

// Requires, at the top of the module:
//   import { adalFetch } from 'react-adal';
//   import axios from 'axios';
forecastButtonState = async () => {
  // authContext is a promise resolving to the react-adal AuthenticationContext
  authContext.then(async data => {
    const pData = { latitude: "38.8106", longitude: "-90.6998" };
    const url = "http://localhost:3005/api/getforecast";

    const options = {
      method: 'POST',
      // axios reads the request payload from `data`; a `body` key is ignored
      data: JSON.stringify(pData),
      headers: { 'Content-Type': 'application/json' }
    };

    // adalFetch acquires a token for the first API's resource id and attaches it
    // as a Bearer header before invoking the supplied fetch implementation
    const adalApiFetch = (fetch, url, options) =>
      adalFetch(data, data.config.endpoints.api, fetch, url, options);

    try {
      // axios resolves to the response object itself, so do not destructure { response }
      const response = await adalApiFetch(axios, url, options);
      console.log(response);
    } catch (error) {
      console.log(error);
    }
  });
};

The "oauth2AllowImplicitFlow" setting is set to true in the manifest, and that seems to be the solution for everything I have found so far. Also, under Authentication and Implicit grant, both Access tokens and ID tokens are checked.

I am baffled as to what is the problem. I have it configured the way it should be.


1 Answer


I recommend you use the on-behalf-of flow for this issue. It serves the use case where an application invokes a service/web API, which in turn needs to call another service/web API.

The steps that follow constitute the OBO (on-behalf-of) flow and are explained with the help of the following diagram.

[diagram: on-behalf-of flow]


About the Error: AADSTS700051: response_type 'token' is not enabled for the application.

You could modify the app manifest (navigate to App registrations -> your application -> Manifest) or select token in the Authentication section (navigate to App registrations -> your application -> Authentication).

Manifest:

[screenshot: app manifest]

Authentication:

[screenshot: Authentication settings]

UPDATE:

Try this URL and make sure the API can be called:

https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id={your-client-id}
&response_type=id_token
&redirect_uri=https://jwt.ms
&scope=openid
&response_mode=fragment
&state=12345
&nonce=678910
  • I will try the OBO. I already had the settings that you show in your last screenshots. That is why I couldn't understand why it wasn't working. – Obie_One Jun 29 '20 at 13:28
  • @Obie_One Try the URL (in the update message). I have already tried the error, and I can only reproduce it when the Access tokens and ID tokens are unchecked. – unknown Jun 30 '20 at 02:09
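The on-behalf-of exchange the answer recommends, as an added example that is not code from the question, the answer or any library: the first Node API takes the bearer token user1 sent it and exchanges it at the Azure AD v2.0 token endpoint for a token scoped to the second API. The grant type and parameter names are the documented OBO ones; the tenant, client id, client secret and downstream scope values are placeholders, and `fetchImpl` is injectable only so the exchange can be exercised offline.

```javascript
// Added example: Azure AD on-behalf-of (OBO) token exchange performed by the
// first (middle-tier) Node API before it calls the second API.
// Placeholder values below must be replaced with the real app registration data.
const TENANT = "{tenant}";                                            // placeholder
const CLIENT_ID = "{first-api-client-id}";                            // placeholder
const CLIENT_SECRET = process.env.CLIENT_SECRET || "{first-api-secret}"; // placeholder
const DOWNSTREAM_SCOPE = "api://{second-api-client-id}/.default";     // placeholder

// Form body for the OBO request: the user's incoming access token is sent as the
// assertion, and requested_token_use=on_behalf_of tells AAD this is an OBO exchange.
function buildOboRequest(userAssertion, scope = DOWNSTREAM_SCOPE) {
  return new URLSearchParams({
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    client_id: CLIENT_ID,
    client_secret: CLIENT_SECRET,
    assertion: userAssertion,
    scope,
    requested_token_use: "on_behalf_of",
  });
}

// Pull the bearer token out of the Authorization header of the request user1 made.
function bearerFromHeader(authorizationHeader) {
  const m = /^Bearer\s+(\S+)$/i.exec(authorizationHeader || "");
  return m ? m[1] : null;
}

// Exchange the user token for a downstream token. Throws on a non-2xx reply so the
// AADSTS error code and description are surfaced instead of a silent undefined token.
async function getDownstreamToken(userAssertion, fetchImpl = fetch) {
  const res = await fetchImpl(
    `https://login.microsoftonline.com/${TENANT}/oauth2/v2.0/token`,
    {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: buildOboRequest(userAssertion),
    },
  );
  const json = await res.json();
  if (!res.ok) {
    throw new Error(`OBO exchange failed: ${json.error}: ${json.error_description}`);
  }
  return json.access_token; // present as "Bearer <token>" when calling the second API
}
```

The second API should still validate the audience of the token it receives, since the OBO token is issued for the downstream scope and not for the SPA's original API.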