2

I just followed the tutorial on the page and created a certificate and exposed it to the azure portal. I also uploaded the policy files and modified them with my tenant. I'm running the application on my localhost, but when I wanna browse to that link, I got following error in jwt.ms:

AADB2C90232: The provided id_token_hint parameter does not contain an accepted issuer. Please provide another token and try again. Correlation ID: 1f9cd754-7033-40ea-91a2-b2f91b867fb9 Timestamp: 2020-06-29 13:05:18Z

I saw that the issuer in the the token is related to localhost:

{
  "alg": "RS256",
  "kid": "1D8082E33223E5EA5094B62B4BB5B3944779D3AD",
  "x5t": "HYCC4zIj5epQlLYrS7WzlEd5060",
  "typ": "JWT"
}.{
  "name": "Western Miller",
  "email": "test@test.be",
  "nbf": 1593436327,
  "exp": 1594041127,
  "iss": "https://localhost:44351/",
  "aud": "ba6d05ab-ec87-4d04-b83f-dc62ebb727d8"
}.[Signature]

Anyone who knows what I need to place in the iss that's working by just running locally?

SSK
  • 3,444
  • 6
  • 32
  • 59
Kevin Tahon
  • 21
  • 3

1 Answers1

2

This occurs when the id_token_hint you generate in your web service contains an issuer claim (iss), that is not accepted by the id token hint technical profile.

See in the below XML, that the issuer item must contain a string that matches exactly your iss claim in the generated id_token_hint.

      <TechnicalProfiles>
        <TechnicalProfile Id="IdTokenHint_ExtractClaims">
          <DisplayName> My ID Token Hint TechnicalProfile</DisplayName>
          <Protocol Name="None" />
          <Metadata>
          
            <!--Sample action required: replace with your endpoint location -->
            <Item Key="METADATA">https://your-app.azurewebsites.net/.well-known/openid-configuration</Item>
            <Item Key="IdTokenAudience">your_optional_audience_override</Item>
            <Item Key="issuer">your_optional_token_issuer_override</Item>
          </Metadata>

You should put https://localhost:44351/ in the issuer metadata item.

Jas Suri - MSFT
  • 10,605
  • 2
  • 10
  • 20