0
votes

I need to validate an Azure AD token (loginResponse.idToken) generated by a React app after Azure AD validates the user.

In my Web API backend, I need to manually validate the token in one of my Web APIs and get the user details from the access token, and then send a new JWT token created by the .NET Core app.

I tried to validate the Azure AD token, but failed. I tried based on the example on validating the token, but failed.

It returns the error "Signature validation failed. Unable to match key: kid: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]".

Can anyone help me validate the token and get the user details from the token?

1
How do you set up the scope? - Carl Zhao
Parse your access token and provide a screenshot. - Carl Zhao

1 Answer

1
votes

This error is caused by the scope. You may have set the wrong scope.

I have answered similar questions before. First, you need to expose the API of the back-end application in Azure. Then you need to set the scope to: {your api application client id}/{scope name}.

Please be careful not to add the api:// prefix.
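The manual validation the question asks for, as an added example that is not part of the thread: it checks signature, issuer, audience and lifetime with `JwtSecurityTokenHandler` and reads a user claim, then shows validation failing when the key set lacks the token's `kid`. It assumes the System.IdentityModel.Tokens.Jwt package; the issuer, client id, key ids, claims and locally generated keys are constructed stand-ins so it runs offline, whereas a real API would load the signing keys from the tenant's OpenID Connect metadata.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

public static class ManualTokenValidation
{
    // Validates signature, issuer, audience and lifetime.
    // Throws a SecurityTokenException subclass when any check fails.
    public static ClaimsPrincipal Validate(string token, IEnumerable<SecurityKey> signingKeys,
                                           string issuer, string audience)
    {
        // Keep the JWT claim names ("name", "scp") instead of mapping them to long URIs.
        var handler = new JwtSecurityTokenHandler { MapInboundClaims = false };
        var parameters = new TokenValidationParameters
        {
            IssuerSigningKeys = signingKeys,
            ValidIssuer = issuer,
            ValidAudience = audience,      // the API's own application (client) id
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromMinutes(2)
        };
        return handler.ValidateToken(token, parameters, out _);
    }

    public static void Main()
    {
        // Constructed values standing in for the tenant issuer, the API client id and a signing key.
        const string issuer = "https://login.example.test/tenant-placeholder/v2.0";
        const string apiClientId = "00000000-0000-0000-0000-000000000000";
        using var rsa = RSA.Create(2048);
        var key = new RsaSecurityKey(rsa) { KeyId = "constructed-kid-1" };
        var token = new JwtSecurityTokenHandler().WriteToken(new JwtSecurityToken(
            issuer, apiClientId,
            new[] { new Claim("name", "Sample User"), new Claim("scp", "access_as_user") },
            expires: DateTime.UtcNow.AddMinutes(5),
            signingCredentials: new SigningCredentials(key, SecurityAlgorithms.RsaSha256)));

        var user = Validate(token, new[] { key }, issuer, apiClientId);
        Console.WriteLine(user.FindFirst("name")?.Value);

        // A key set without the token's kid: signature validation is rejected.
        using var otherRsa = RSA.Create(2048);
        var otherKey = new RsaSecurityKey(otherRsa) { KeyId = "constructed-kid-2" };
        try { Validate(token, new[] { otherKey }, issuer, apiClientId); }
        catch (SecurityTokenException ex) { Console.WriteLine(ex.GetType().Name); }
    }
}
```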