Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type.
Please provide us with the following information:
This issue is for the sample ms-identity-javascript-angular-tutorial. After following the instructions explicitly I am getting the following error when attempting to login.
```
ERROR ServerError: invalid_request: 9002326 - [2021-09-03 14:20:13Z]: AADSTS9002326: Cross-origin token redemption is permitted only for the ‘Single-Page Application’ client-type.
Trace ID: 40e5a04a-6016-42c3-b32f-0b9f20b61500
Correlation ID: b5a1a372-ed08-48a7-95e6-f7ab55489f03
Timestamp: 2021-09-03 14:20:13Z
- Correlation ID: b5a1a372-ed08-48a7-95e6-f7ab55489f03 - Trace ID: 40e5a04a-6016-42c3-b32f-0b9f20b61500
    at ServerError.AuthError [as constructor] (AuthError.ts:40)
    at new ServerError (ServerError.ts:14)
    at ResponseHandler.validateTokenResponse (ResponseHandler.ts:99)
    at AuthorizationCodeClient.<anonymous> (AuthorizationCodeClient.ts:82)
    at step (vendor.js:124872)
    at Object.next (vendor.js:124802)
    at fulfilled (vendor.js:124756)
    at ZoneDelegate.invoke (zone.js:386)
    at Object.onInvoke (core.js:28301)
```
- [ ] 1-1) Sign-in with Azure AD
- [ ] 1-2) Sign-in with Azure AD B2C
- [ ] 2-1) Acquire a Token and call Microsoft Graph
- [ ] 3-1) Protect and call a web API on Azure AD
- [ ] 3-2) Protect and call a web API on Azure AD B2C
- [ ] 4) Deploy to Azure Storage and App Service
- [ ] 5-1) Call a web API using App Roles
- [ ] 5-2) Call a web API using Security Groups
- [ ] 6-1) Call a multi-tenant web API
- [x] 7-1) Call Microsoft Graph using on-behalf-of flow
- [ ] 7-2) Call a web API using Proof of Possession tokens
This issue is for a
- [x] bug report -> please search issues before submitting
- [ ] question
- [ ] feature request
- [ ] documentation issue or request
Minimal steps to reproduce
Simply follow the instructions (btw you should check over the documentation b/c there are clear copy pasta errors there as well, you reference a “ToDoList” controller which does not exist, I believe you mean the ProfileController).
Any log messages given by the failure
```
ERROR ServerError: invalid_request: 9002326 - [2021-09-03 14:20:13Z]: AADSTS9002326: Cross-origin token redemption is permitted only for the ‘Single-Page Application’ client-type.
Trace ID: 40e5a04a-6016-42c3-b32f-0b9f20b61500
Correlation ID: b5a1a372-ed08-48a7-95e6-f7ab55489f03
Timestamp: 2021-09-03 14:20:13Z
- Correlation ID: b5a1a372-ed08-48a7-95e6-f7ab55489f03 - Trace ID: 40e5a04a-6016-42c3-b32f-0b9f20b61500
    at ServerError.AuthError [as constructor] (AuthError.ts:40)
    at new ServerError (ServerError.ts:14)
    at ResponseHandler.validateTokenResponse (ResponseHandler.ts:99)
    at AuthorizationCodeClient.<anonymous> (AuthorizationCodeClient.ts:82)
    at step (vendor.js:124872)
    at Object.next (vendor.js:124802)
    at fulfilled (vendor.js:124756)
    at ZoneDelegate.invoke (zone.js:386)
    at Object.onInvoke (core.js:28301)
```
Expected/desired behavior
To be able to log in.
Library version
latest
Browser and version
Chrome
Mention any other details that might be useful
Thanks! We’ll be in touch soon.
Issue Analytics
- Created 2 years ago
- Comments: 6 (3 by maintainers)
Top GitHub Comments
BTW I changed that to SPA and it worked now. I would just change the PS script for future persons 😃
Fixed the issues in README. Closing this now, let us know if you run into another issue.
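
The resolution reported in the comments (changing the registration to SPA) comes down to which platform section of the app registration holds the redirect URI. The check below is an added example, not code from the sample or from this issue: it takes an object in the shape of the Microsoft Graph `application` resource (`spa.redirectUris`, `web.redirectUris`, `publicClient.redirectUris`) and reports whether a browser app's redirect URI sits under `spa`. The function names, the sample registrations and the `http://localhost:4200` URI are constructed for illustration.

```javascript
// Platform sections of a Graph `application` object that can hold redirect URIs.
const PLATFORMS = ["spa", "web", "publicClient"];

// Return every platform section in which the redirect URI is registered.
function platformsFor(app, redirectUri) {
  return PLATFORMS.filter((p) =>
    ((app[p] || {}).redirectUris || []).includes(redirectUri)
  );
}

// Classify the registration for a browser app that redeems its authorization
// code from JavaScript (the cross-origin redemption AADSTS9002326 refers to).
function checkSpaRedirect(app, redirectUri) {
  const found = platformsFor(app, redirectUri);
  if (found.includes("spa")) {
    return { verdict: "ok", found };
  }
  if (found.length > 0) {
    return {
      verdict: "wrong-platform",
      found,
      fix: `move ${redirectUri} from ${found.join(", ")} to spa.redirectUris`,
    };
  }
  return { verdict: "not-registered", found };
}

// Constructed sample: redirect URI registered under the Web platform.
const registeredAsWeb = {
  displayName: "constructed-sample-spa",
  spa: { redirectUris: [] },
  web: { redirectUris: ["http://localhost:4200"] },
};

// Constructed sample: the same URI moved to the SPA platform.
const registeredAsSpa = {
  displayName: "constructed-sample-spa",
  spa: { redirectUris: ["http://localhost:4200"] },
  web: { redirectUris: [] },
};

for (const app of [registeredAsWeb, registeredAsSpa]) {
  console.log(checkSpaRedirect(app, "http://localhost:4200"));
}
```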