I have configured a backend application (api) and azure apim devportal (client app) in b2c. I have provided access to backend api from client app. I have used this to configure oauth authentication in azure api management.
I am using authorization code flow. For token validation, I have used inbound policy:
<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized" require-expiration-time="true" require-scheme="Bearer" require-signed-tokens="true" clock-skew="0">
    <openid-config url="https://<domain>/tenantid/v2.0/.well-known/openid-configuration?p=signinsignup_policy" />
    <required-claims>
        <claim name="aud">
            <value><appid for backend app></value>
        </claim>
    </required-claims>
</validate-jwt>
While trying from the APIM developer portal I am getting the error below when using the token received:
JWT Validation Failed: IDX10501: Signature validation failed. Unable to match keys
I have configured the backend API application ID as the resource and user_impersonation as the default scope. Decoding the token I can see the same backend app ID as aud. I also tried using the App ID URI as the resource but see the same error.
Any help is appreciated.
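A diagnostic that is not part of the question above, added here as an example: the IDX10501 "Unable to match keys" message means the gateway found no key whose `kid` matches the token header's `kid` in the JWKS reached through the configured `openid-config` URL. The script below reproduces that check offline (and the `aud` check from the `required-claims` block) so a practitioner can see which of the two is failing before touching the policy. It deliberately does not verify the signature; `fetch_jwks` is the only network call and is not used in the constructed sample. Everything named here (`SAMPLE_JWKS`, `BACKEND_APP_ID`, the `policy-*` key ids, the issuer string) is a constructed placeholder, not a value from the question.

```python
import base64
import json
from urllib.request import urlopen


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the '=' padding JWTs omit."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_jwt_unverified(token: str) -> tuple[dict, dict]:
    """Split a compact JWT into (header, payload) WITHOUT checking the signature.
    Diagnostic use only: nothing returned here may be trusted for authorization."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return (json.loads(_b64url_decode(parts[0])),
            json.loads(_b64url_decode(parts[1])))


def fetch_jwks(openid_config_url: str) -> dict:
    """Resolve the openid-configuration document to its jwks_uri (needs network).
    This mirrors what the <openid-config url=...> element makes the gateway do."""
    with urlopen(openid_config_url) as resp:
        jwks_uri = json.load(resp)["jwks_uri"]
    with urlopen(jwks_uri) as resp:
        return json.load(resp)


def diagnose(token: str, jwks: dict, expected_aud: str) -> list[str]:
    """Return the reasons validate-jwt would reject `token` given `jwks`.
    An empty list means the kid and aud checks pass (signature still unverified)."""
    findings = []
    header, payload = decode_jwt_unverified(token)

    # Key selection: the gateway looks the header's kid up in the JWKS.
    kid = header.get("kid")
    known_kids = {key.get("kid") for key in jwks.get("keys", [])}
    if kid is None:
        findings.append("header has no kid; the gateway cannot select a signing key")
    elif kid not in known_kids:
        findings.append(
            f"kid {kid!r} is not in the JWKS (known: {sorted(known_kids)}); this is the "
            "IDX10501 'unable to match keys' case: the keys served by the configured "
            "openid-config URL are not the ones that signed this token, so compare the "
            "tenant and policy in that URL with the issuer that produced the token")

    # Audience: <required-claims><claim name="aud"> accepts a string or a list.
    aud = payload.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if expected_aud not in audiences:
        findings.append(f"aud {audiences!r} does not contain {expected_aud!r}")
    return findings


def make_unsigned_sample(kid: str, aud: str) -> str:
    """Constructed token with a placeholder signature, only for exercising diagnose()."""
    header = {"typ": "JWT", "alg": "RS256", "kid": kid}
    payload = {
        "iss": "https://example.b2clogin.com/<tenant-id>/v2.0/",  # placeholder issuer
        "aud": aud,
        "scp": "user_impersonation",
        "exp": 1900000000,
    }
    return ".".join([
        _b64url_encode(json.dumps(header).encode()),
        _b64url_encode(json.dumps(payload).encode()),
        _b64url_encode(b"\x00" * 32),  # not a real signature
    ])


# Constructed JWKS in the shape a jwks_uri publishes; values are placeholders.
SAMPLE_JWKS = {"keys": [
    {"kid": "policy-A-key-1", "kty": "RSA", "use": "sig", "n": "<modulus>", "e": "AQAB"},
]}
BACKEND_APP_ID = "00000000-0000-0000-0000-00000000beef"  # placeholder app id


if __name__ == "__main__":
    ok = make_unsigned_sample("policy-A-key-1", BACKEND_APP_ID)
    wrong_policy = make_unsigned_sample("policy-B-key-7", BACKEND_APP_ID)
    print("matching key set:", diagnose(ok, SAMPLE_JWKS, BACKEND_APP_ID))
    print("other key set:  ", diagnose(wrong_policy, SAMPLE_JWKS, BACKEND_APP_ID))
```

To run it against a live tenant, replace `SAMPLE_JWKS` with `fetch_jwks(<the exact url from the policy's openid-config element>)` and pass the actual bearer token; if the `kid` finding appears, the token and the policy's `openid-config` URL disagree on which issuer/key set is in play, and if only the `aud` finding appears, the `required-claims` value is what needs attention.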