1
votes

I'm using the ADAL library in an Angular2 project to authenticate the user against Azure AD; once the user is authenticated, it calls a WebAPI to get some information using a REST call. All of this works fine with the AngularJS-AzureAD-WebAPI scenario.

Followed MS article to create a sample project https://blogs.msdn.microsoft.com/premier_developer/2017/04/26/using-adal-with-angular2

The WebAPI is receiving calls from the Angular2 project, but the request has the authorization token as anonymous. After further research, I realized that the JWT is missing the appid value and also that the aud property holds a GUID, which is the Application ID.

Working Call JWT: (AngularJS to WebAPI)

appid: GUID for native application registered in Azure
aud: someone.onmicrosoft.com/CortanaWebAPI

Not working call JWT: (Angular2 to webAPI)

appid: no entry for this property
aud: GUID for native application registered in Azure

adal configuration

// Maps each API base URL to the Azure AD resource (App ID URI) ADAL requests a token for.
const endpoints = {
    "https://localhost:44383/": "http://someone.onmicrosoft.com/CortanaWebAPI"
};

// Getter on the Angular service class that supplies the ADAL configuration.
public get getAdalConfig(): any {
    return {
        tenant: 'someone.onmicrosoft.com',
        clientId: '9d9cd8dd-087a-4e87-b3f9-6e7ded2b5e82',
        redirectUri: window.location.origin + '/',
        postLogoutRedirectUri: window.location.origin + '/',
        endpoints: endpoints
    };
}

Not sure why this is happening, any help appreciated.

1 Answer

0
votes

The issue is not related to the type of client you were developing. It depends on which token you were developing (id_token or access_token).

AFAIK, the appid claim is issued only in the access_token. To fix this issue, you need to get the access_token instead of the id_token. And the aud claim depends on the resource or scope parameter when you send the request for the token. Please configure the corresponding aud in your web API project.
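
The distinction the answer draws can be checked by decoding the bearer token the client actually sends. This is an added example for Node.js, not code from the original post or from ADAL; the function names and sample tokens are constructed, and the classification rule is only the appid/aud comparison made in the question.

```javascript
// Added example (Node.js). Diagnostic only: claims are decoded WITHOUT
// signature verification, so this must never gate access to anything.
const CLIENT_ID = '9d9cd8dd-087a-4e87-b3f9-6e7ded2b5e82';            // clientId from the question
const API_AUDIENCE = 'http://someone.onmicrosoft.com/CortanaWebAPI'; // resource from the endpoints map

// Decode the middle (payload) segment of a compact JWT.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('expected header.payload.signature');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Classify a bearer token by the two claims compared in the question.
function diagnoseToken(token, clientId, apiAudience) {
  const claims = decodeJwtPayload(token);
  const aud = String(claims.aud ?? '').toLowerCase();
  const hasAppId = typeof claims.appid === 'string' && claims.appid !== '';
  let kind;
  if (aud === apiAudience.toLowerCase() && hasAppId) {
    kind = 'access_token_for_api';   // what the web API expects to receive
  } else if (aud === clientId.toLowerCase() && !hasAppId) {
    kind = 'id_token_for_client';    // issued to the SPA itself, not to the API
  } else {
    kind = 'other_audience';
  }
  return { kind, aud: claims.aud ?? null, appid: claims.appid ?? null };
}

// Constructed sample tokens (fake signature) mirroring the two cases in the question.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ typ: 'JWT', alg: 'RS256' })}.${enc(claims)}.constructed-signature`;
}
const SAMPLE_ACCESS_TOKEN = makeSampleToken({ aud: API_AUDIENCE, appid: CLIENT_ID });
const SAMPLE_ID_TOKEN = makeSampleToken({ aud: CLIENT_ID });

console.log(diagnoseToken(SAMPLE_ACCESS_TOKEN, CLIENT_ID, API_AUDIENCE).kind);
console.log(diagnoseToken(SAMPLE_ID_TOKEN, CLIENT_ID, API_AUDIENCE).kind);
```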