Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Bearer error="invalid_token", error_description="The signature key was not found"

See original GitHub issue

Issue

Please provide us with the following information:

This issue is for the sample

    - [ ] 1-1) Sign-in with Azure AD
    - [ ] 1-2) Sign-in with Azure AD B2C
    - [ ] 2-1) Acquire a Token and call Microsoft Graph
    - [x ] 3-1) Protect and call a web API on Azure AD
    - [ ] 3-2) Protect and call a web API on Azure AD B2C
    - [ ]   4) Deploy to Azure Storage and App Service
    - [ ] 5-1) Call a web API using App Roles
    - [ ] 5-2) Call a web API using Security Groups
    - [ ] 6-1) Call a multi-tenant web API
    - [ ] 7-1) Call Microsoft Graph using on-behalf-of flow
    - [ ] 7-2) Call a web API using Proof of Possession tokens

This issue is for a

    - [x] bug report -> please search issues before submitting
    - [ ] question
    - [ ] feature request
    - [ ] documentation issue or request

Minimal steps to reproduce

I followed the steps, running the api in two diferent ways: from visual studio using IIS express and from the console as described in the steps.

Any log messages given by the failure

I’m able to open the page, gets a bearer token, but when accessing the todolist page I get the following errors, two different errors, according to how I run the api:

  1. If running from Visual Studio: 401 - Bearer error=“invalid_token”, error_description=“The signature key was not found”

  2. If running from a console with “dotnet run”: Err_Cert_Authority_Invalid

Expected/desired behavior

Expected to get access to the todolist page.

Browser and version

Chrome, Edge, Firefox, Safari? Chrome, newest (92)

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:9 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
jeevasusejcommented, Sep 20, 2021

Thank you @derisen

1reaction
derisencommented, Sep 17, 2021

@jeevasusej no you can’t. You’ll need an access token for your web API (the aud claim in the token will be the clientId of your web API, and scp claim will be its scope that you’ve exposed during app registration).

The sample is already configured to do this (see the doc). In auth-config.ts, we have the protectedResources object:

export const protectedResources = {
  todoListApi: {
    endpoint: "https://localhost:44351/api/todolist",
    scopes: ["Enter_the_Web_Api_Scope_here"], // e.g. "api://<service-app-client-id>/access_as_user"
  },
}

Then in app.module.ts, we set protectedResourceMap object:

export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration {
  const protectedResourceMap = new Map<string, Array<string>>();

  protectedResourceMap.set(protectedResources.todoListApi.endpoint, protectedResources.todoListApi.scopes);

  return {
    interactionType: InteractionType.Redirect,
    protectedResourceMap
  };
Read more comments on GitHub >

github_iconTop Results From Across the Web

Bearer error - invalid_token - The signature key was not found
I was facing the same issue. i was missing the authority..make sure authority and api name is correct now this code in configure...
Read more >
Getting Bearer error="invalid_token", error_description="The ...
I followed the example and get Bearer error="invalid_token", error_description="The signature key was not found" error in response when SPA request profile ...
Read more >
Error: The signature key was not found - OAuth/OIDC
Bearer error ="invalid_token", error_description="The signature key was not found". I'm using the default authorization server.
Read more >
The signature key was not found - Auth0 Community
Bearer error =“invalid_token”, error_description=“The signature key was not found”". The code is exactly the same, the only difference is ...
Read more >
Authorization using JWT token not working ("The signature ...
WWW-Authenticate →Bearer error="invalid_token", error_description="The signature key was not found". I use ASP.NET Core / .NET 5 for the backend.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type.

Next page

Error invalid_token - The audience is invalid