Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Bug] 'Scheme already exists: Bearer' when trying to setup both AAD and AAD B2C auth

See original GitHub issue

Which version of Microsoft Identity Web are you using? 0.2.3-preview

Where is the issue?

I’m trying to make my ASP.NET Core Web API compatible with both AAD tokens issued on behalf of applications as well as AAD B2C tokens issued on behalf of users, but run into errors when trying to configure both entries in my appsettings.json file. If I only initialize AddMicrosoftWebApi once, then I get issues verifying JWT signature when the token is generated using the identity provider that was left out.

Is this a new or an existing app? c. This is a new app

Repro

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
             .AddMicrosoftWebApi(this.Configuration, "AzureAd")
             .AddMicrosoftWebApi(this.Configuration, "AzureAdB2C")

Expected behavior ASP.NET Core app is setup to validate tokens issued from both identity providers.

Actual behavior Error during startup: InvalidOperationException: 'Scheme already exists: Bearer'

Issue Analytics

State:
Created 3 years ago
Reactions:4
Comments:23 (7 by maintainers)

Top GitHub Comments

2reactions

pmaytakcommented, Aug 28, 2020

Thanks everyone for feedback. A fix is in PR #475 (which will be included in the next release). Also added a small section to the wiki related to this.

2reactions

jmprieurcommented, Aug 10, 2020

@AzureAD/azure-ad-app-content-authors

You added twice the same authentication scheme. You’d need to use a different name for the jwtBearerScheme parameter in one of your calls. for instance:

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
             .AddMicrosoftWebApi(this.Configuration, "AzureAd")
             .AddMicrosoftWebApi(this.Configuration, "AzureAdB2C", "jwtBearerScheme2")

BTW, the default one will be “Bearer” (JwtBearerDefaults.AuthenticationScheme).

Top Results From Across the Web

InvalidOperationException: Scheme already exists: Bearer

I have tried the below code and worked for me. public void ConfigureServices(IServiceCollection services) { // Code omitted for brevity services ...

Multiple authentication schemes? - Microsoft Q&A

Hello experts, I need some help with enabling multiple authentication schemes in asp.net core web app using Azure AD and PingOne Identity ...

Scheme Already Exists : Identity.Application | ASP.NET CORE

In this video, I am going to fix that error ," Scheme Already Exists : Identity.Application" If you are using Identity then you...

ASP.NET Core 2.0 Azure AD Authentication

In ASP.NET Core 1.X, authentication middleware were registered in the Configure method in the Startup class. That has had a major change. There ......

Addinmemorytokencaches net core. Caching. NET Classic ...

If you find a bug in msal. NET Core, Power Apps, MS Graph, Azure AD, security. cs file, I tried the following lines...