堆栈内存溢出
  简体   繁体   English

使用ADAL返回的令牌调用服务时出现未授权错误:Active Directory .Net Native Desktop?

[英]Unauthorized Error when call the service using the token returned by ADAL: Active Directory .Net Native Desktop?

 原文  2016-05-20 22:12:05       .net/ azure/ azure-active-directory/ adal

问题描述

I'm trying to learn more about Azure Active Directory. 我正在尝试了解有关Azure Active Directory的更多信息。 I'm looking at the Code Samples at: https://azure.microsoft.com/en-us/documentation/articles/active-directory-code-samples/ 我正在查看代码示例: https//azure.microsoft.com/en-us/documentation/articles/active-directory-code-samples/

The first sample I ran on my local is: NativeClient-DotNet, https://github.com/Azure-Samples/active-directory-dotnet-native-desktop . 我在本地运行的第一个示例是:NativeClient-DotNet, https ://github.com/Azure-Samples/active-directory-dotnet-native-desktop。

I follow the steps, the ADAL returns the token successfully, see below screen shot. 我按照步骤,ADAL成功返回令牌,见下面的屏幕截图。 在此输入图像描述

However, when I use the token to call the to do list service, it always fails. 但是,当我使用令牌调用待办事项列表服务时,它总是失败。 The error is: 错误是:

在此输入图像描述 Status Code: 401, ReasonPhrase: Unauthorized... (see the 1st screen shot). 状态代码:401,ReasonPhrase:未经授权......(请参阅第1个屏幕截图)。

Anyone knows what issue this is? 谁知道这是什么问题? Since it is sample code, I guess maybe just something I miss. 既然它是示例代码,我想也许只是我想念的东西。

Thanks 谢谢

1 个解决方案

解决方案1
 0  2019-05-16 03:06:42

Following the direction given by @Saca's comment in the question... I pasted my token at jwt.celebb.net . 按照@Saca在问题中的评论给出的指示......我将我的令牌粘贴在jwt.celebb.net上

I found that the aud (audience) property had a mismatching value... :| 我发现aud (观众)属性的价值不匹配......:| I spent more than 2 hours to figure this out while fiddling with Azure Portal applications' settings and the code... 我花了两个多小时来解决这个问题,同时摆弄Azure门户应用程序的设置和代码......

在此输入图像描述

In my Web API I had this in Web.config : 在我的Web API中,我在Web.config有这个: 

<add key="ida:Audience" value="api://49111627-c20d-45b0-9823-d3bbd8689916" />

While in the Client Web.config I had this: Client Web.config我有这个: 

<add key="todo:TodoListResourceid" value="49111627-c20d-45b0-9823-d3bbd8689916" />

You see the mismatch... they're different. 你看到不匹配......他们是不同的。 There's an extra api:// there and so I was getting the Unauthorized exception. 还有一个额外的api://那里我得到了Unauthorized异常。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Active Directory服务帐户从.NET连接到SQL Server - Connecting to SQL Server from .NET using an Active Directory Service Account Active Directory 身份验证库 (ADAL) 不会安装 Visual Studio 2013 .NET v4 - Active Directory Authentication Library (ADAL) won't install Visual Studio 2013 .NET v4 断开连接时使用.Net对Active Directory进行身份验证 - Using .Net to authenticate against Active Directory when disconnected 远程服务器返回错误:(401).NET Remoting中未经授权 - The remote server returned an error: (401) Unauthorized in .NET Remoting 在.Net中使用Active Directory进行授权 - Using Active Directory for Authorization in .Net Client is unauthorized error 授权服务帐号时 - Client is unauthorized error when authorizing service account .net ADAL获取无需用户的应用程序令牌 - .net ADAL Acquire Token for application without a user .Net + IIS + Active Directory 问题:目录服务不可用 - .Net + IIS + Active Directory Issue: The directory service is unavailable ADAL:在特定计算机上获取令牌时出错 - ADAL: Error with getting token on specific machine 使用服务主体对 GetReportInGroupAsync PowerBI Embedded API 调用做出未经授权的响应 - Unauthorized response on GetReportInGroupAsync PowerBI Embedded API call using Service Principal
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM