2
votes

I am following this tutorial: https://docs.microsoft.com/fr-fr/aspnet/core/security/authentication/azure-ad-b2c-webapi?view=aspnetcore-2.1

When I test the connection with Postman, the login page appears (I was able to register beforehand), but on validation of the form, Postman returns this error: invalid_request

I cannot get more details about the error from Postman's console.

I found a little more information here: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-code#error-codes-for-authorization-endpoint-errors

Error Code : invalid_request

Description : Protocol error, such as a missing required parameter.

Client Action : Fix and resubmit the request. This is a development error, and is typically caught during initial testing.

But I cannot find the missing or badly configured settings.


Postman

Auth URL : https://login.microsoftonline.com/trukafaire.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_SiUpIn

Scope : https://trukafaire.onmicrosoft.com/c9f1cb20-xxxx-xxxx-xxxx-xxxxxxxxxxxx/user_impersonation openid offline_access

Visual Studio

My Web API is running (using the template created by Visual Studio, with no changes) at this address: https://localhost:44362/ (it is running when I test).

My appsettings.json:

{
  "AzureAdB2C": {
    "Instance": "https://login.microsoftonline.com/tfp/",
    "ClientId": "c9f1cb20-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "Domain": "trukafaire.onmicrosoft.com",
    "SignUpSignInPolicyId": "B2C_1_SiUpIn"
  },
  "Logging": {
    "IncludeScopes": false,
    "Debug": {
      "LogLevel": {
        "Default": "Warning"
      }
    },
    "Console": {
      "LogLevel": {
        "Default": "Warning"
      }
    }
  }
}

Azure

Application Postman

Application WebApi

1

1 Answers

0
votes

OK, I think I found it. I do not know if the tutorial is wrong or if I missed a step.

My scope was bad. The tutorial says:

Scope:

https://<holding domain name>/<api>/user_impersonation openid offline_access

In my case, for it to work, here is the URL I had to use:

https://<holding domain name>/api/user_impersonation

To find the scope, go to the Azure portal, select "Applications" and click on your API. Then click on "Published Scope" and you can find the correct URL there.
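A pre-flight check for the mismatch described in this answer, as an added example that is not part of the original post: it compares the scope in an authorization request against the scopes listed under "Published Scope" and also reports missing parameters. The tenant, policy name, client ID and the set of parameters treated as required are assumptions made for the example.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

# OpenID Connect scopes that are not tied to a published API scope.
OIDC_SCOPES = {"openid", "offline_access", "profile", "email"}
# Assumed minimum parameter set for this check; confirm against your provider's docs.
REQUIRED = ("p", "client_id", "response_type", "scope")


def lint_authorize_request(url, published_scopes):
    """Return a list of problems found in an authorization request URL."""
    query = parse_qs(urlsplit(url).query)  # blank values are dropped by default
    problems = [f"missing parameter: {n}" for n in REQUIRED if not query.get(n)]
    published = set(published_scopes)
    for scope in query.get("scope", [""])[0].split():
        if scope in OIDC_SCOPES or scope in published:
            continue
        # Same scope name under a different App ID URI is the mix-up from the answer.
        name = scope.rsplit("/", 1)[-1]
        hint = [p for p in published_scopes if p.rsplit("/", 1)[-1] == name]
        suffix = f" (published as {hint[0]})" if hint else ""
        problems.append(f"scope not published: {scope}{suffix}")
    return problems


# Constructed sample values; none of these come from a real tenant.
AUTHORIZE = "https://login.microsoftonline.com/example.onmicrosoft.com/oauth2/v2.0/authorize"
PUBLISHED = ["https://example.onmicrosoft.com/api/user_impersonation"]
GUID = "00000000-0000-0000-0000-000000000000"
BAD_SCOPE = f"https://example.onmicrosoft.com/{GUID}/user_impersonation openid"
GOOD_SCOPE = PUBLISHED[0] + " openid offline_access"


def sample_request(scope, **overrides):
    """Build a constructed authorization URL; empty overrides drop a parameter."""
    params = {
        "p": "B2C_1_example",
        "client_id": GUID,
        "response_type": "code",
        "redirect_uri": "https://localhost/callback",
        "scope": scope,
    }
    params.update(overrides)
    return AUTHORIZE + "?" + urlencode({k: v for k, v in params.items() if v})


if __name__ == "__main__":
    for label, scope in (("bad", BAD_SCOPE), ("good", GOOD_SCOPE)):
        print(label, lint_authorize_request(sample_request(scope), PUBLISHED))
```

Copy the entries for `published_scopes` from the portal's "Published Scope" list rather than assembling them from the client ID.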