B2C & PCA: Missing scopes in token
See original GitHub issueMSAL 4.35.1.0 MSAL.Desktop 4.8 or later Windows 10 Enterprise
Issue: Everything runs fine when getting the token but no scopes are in the token according to jwt.ms Note: “signInAudience”: “AzureADandPersonalMicrosoftAccount” is on for everything.
Am I doing something wrong?
MSAL Info True True MSAL 4.35.1.0 MSAL.Desktop 4.8 or later Windows 10 Enterprise [22.69 - <logid>]
=== Request Data ===
Authority Provided? - True
Client Id - <DesktopClientid>
Scopes - https://<B2CTenant>.onmicrosoft.com/<APIid>/read https://<B2CTenant>.onmicrosoft.com/<APIid>/write
Redirect Uri - msal<DesktopClientid>://auth
Extra Query Params Keys (space separated) -
ClaimsAndClientCapabilities -
Authority - https://<B2CTenant>.b2clogin.com/tfp/<B2CTenant>.onmicrosoft.com/B2C_1_SignUpOrIn/
ApiId - AcquireTokenInteractive
IsConfidentialClient - False
SendX5C - False
LoginHint -
IsBrokerConfigured - False
HomeAccountId -
CorrelationId - <logid>
MSAL Info True True MSAL 4.35.1.0 MSAL.Desktop 4.8 or later Windows 10 Enterprise [22.70 - <logid>] === Token Acquisition (InteractiveRequest) started:
Authority: https://<B2CTenant>.b2clogin.com/tfp/<B2CTenant>.onmicrosoft.com/B2C_1_SignUpOrIn/
Scope: https://<B2CTenant>.onmicrosoft.com/<APIid>/read https://<B2CTenant>.onmicrosoft.com/<APIid>/write
ClientId: <DesktopClientid>
[22.70 - <logid>] [Instance Discovery] Skipping Instance discovery for non-AAD authority.
[22.70 - <logid>] Using legacy embedded browser.
[38.77 - <logid>] [Legacy WebView] Redirect URI was reached. Stopping WebView navigation...
[38.79 - <logid>] An authorization code was retrieved from the /authorize endpoint.
[38.79 - <logid>] Exchanging the auth code for tokens.
[38.80 - <logid>] === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: Embedded
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False
[40.54 - <logid>] Checking client info returned from the server..
[40.54 - <logid>] Saving token response to cache..
[40.56 - <logid>] Subject not present in Id token.
[40.56 - <logid>] Saving AT in cache and removing overlapping ATs...
[40.56 - <logid>] Looking for scopes for the authority in the cache which intersect with https://<B2CTenant>.onmicrosoft.com/<APIid>/read https://<B2CTenant>.onmicrosoft.com/<APIid>/write
[40.56 - <logid>] Intersecting scope entries count - 0
[40.56 - <logid>] Matching entries after filtering by user - 0
[40.56 - <logid>] Saving Id Token and Account in cache ...
[40.56 - <logid>] Saving RT in cache...
MSAL Info True True MSAL 4.35.1.0 MSAL.Desktop 4.8 or later Windows 10 Enterprise [40.57 - <logid>] Fetched access token from host <B2CTenant>.b2clogin.com. Endpoint https://<B2CTenant>.b2clogin.com/tfp/<B2CTenant>.onmicrosoft.com/b2c_1_signuporin/.
[40.57 - <logid>]
=== Token Acquisition finished successfully:
MSAL Info True True MSAL 4.35.1.0 MSAL.Desktop 4.8 or later Windows 10 Enterprise [40.57 - <logid>] AT expiration time: 31/08/2021 1:55:40 AM +00:00, scopes https://<B2CTenant>.onmicrosoft.com/<APIid>/write https://<B2CTenant>.onmicrosoft.com/<APIid>/read source IdentityProvider from https://<B2CTenant>.b2clogin.com/tfp/<B2CTenant>.onmicrosoft.com/b2c_1_signuporin/ appHashCode 45562078
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (1 by maintainers)
Top Results From Across the Web
Scope missing in access token claims in Azure B2C OAuth ...
1 Answer 1 ... Please note that, client-credentials grant type works with Application permissions only. As your exposed API scope is Delegated, it ......
Read more >Azure AD B2C - access_token missing
Hi, I've been testing Azure AD B2C and I have setup: * IDProvider ... All the microsoft documentations show access_token but no id_token:...
Read more >Using msal-react for React app authentication
Integrate a React app with msal-react, the Azure AD B2C authentication service, for smooth user authentication in React applications.
Read more >msal_flutter - Dart API docs
To use MSAL Flutter in your library, first setup an Azure AD B2C tenant and mobile client ... function passing the scopes you...
Read more >MATLAB pca - Principal component analysis of raw data
This MATLAB function returns the principal component coefficients, ... Error using pca (line 180) Raw data contains NaN missing value while 'Rows' option...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Nevermind, I found the problem. I was using the wrong property on AuthResult (idToken instead of AccessToken).
Can you give a few more details about what you are trying to do?