Error invalid_token - The audience is invalid
See original GitHub issueIssue
The front authentication is well but when I request the backend I have a 401 response with :
www-authenticate | Bearer error=“invalid_token”, error_description=“The audience ‘xxxxxxx’ is invalid” |
---|
This issue is for the sample
- [ ] 1-1) Sign-in with Azure AD
- [ ] 1-2) Sign-in with Azure AD B2C
- [ ] 2-1) Acquire a Token and call Microsoft Graph
- [x ] 3-1) Protect and call a web API on Azure AD
- [ ] 3-2) Protect and call a web API on Azure AD B2C
- [ ] 4) Deploy to Azure Storage and App Service
- [ ] 5-1) Call a web API using App Roles
- [ ] 5-2) Call a web API using Security Groups
- [ ] 6-1) Call a multi-tenant web API
- [ ] 7-1) Call Microsoft Graph using on-behalf-of flow
- [ ] 7-2) Call a web API using Proof of Possession tokens
This issue is for a
- [ ] bug report -> please search issues before submitting
- [ x] question
- [ ] feature request
- [ ] documentation issue or request
Minimal steps to reproduce
I just followed the steps. The only modification is that I updated azure/msal-angular (2.0.0-beta.6) and @azure/msal-browser (2.14.2)
Any log messages given by the failure
Here is my token { “aud”: “xxxxxxxxx”, “iss”: “https://login.microsoftonline.com/98731832-xxxxxxxx-f68390800051/v2.0”, “iat”: 1622482003, “nbf”: 1622482003, “exp”: 1622485903, “aio”: “AVQAq/8TAAAApcE99DC5d8+fiGXeX+4YQiGQk2LRAkoW0/2ef6TjiO9eFSxeWuF4+GL4awP6FUtCGFN89WltByAUrmjhuOASSNT9TXUU+wzhGN0siQXU5pc=”, “azp”: “c8919a3e-aaaa-42c0-b573-533e717bacb8”, “azpacr”: “0”, “name”: “LOUANDRE Gwenael”, “oid”: “d7bbb0e4-2dd3-4c76-9160-uuuuuu”, “preferred_username”: “gwenael.louandre@vinci-construction.com”, “rh”: “0.AQUAMhhzmNpARkWSA_aDkIAAUT6akciqqsBCtXNTPnF7rLgFAHY.”, “scp”: “access_as_user”, “sub”: “BomEbk_RNwYiVRKpjPfANmUhtFzkj3kCef1qMH0iatU”, “tid”: “98731832-40da-4546-9203-f68390800051”, “uti”: “MqVE0aYsTEautUNWTdMhAQ”, “ver”: “2.0” }
Browser and version
Chrome, Firefox
I found several posts on stackoverflow about that problem but no one corrects the problem. What am I doing wrong? Thanks! We’ll be in touch soon.
Issue Analytics
- State:
- Created 2 years ago
- Comments:6 (4 by maintainers)
Thanks! That was my problem. I mixed two projects I worked at the same time. On the other hand, I have a question about one step in demo. In the Register the client app (msal-angular-spa) paragraph after creating the client app, I added a single page application platform in the ‘Authentication’ Azure menu. I think if we don’t declare this kind of platform the msal-angular doesn’t work. Am I wrong?
Closing, let us know if you need further help