[英]Difference between company account and MSA account with msal
I'm creating an test application with MSAL to see how we can implement it in our products. 我正在使用MSAL创建一个测试应用程序,以了解我们如何在我们的产品中实现它。 I stumbeled upon something I can't explain, so I hope someone can explain it to me.
我指出了一些我无法解释的东西,所以我希望有人可以向我解释。
I can configured the application like this on app dev site 我可以在app dev网站上配置这样的应用程序
I use msal.js to get an authorization token 我使用msal.js来获取授权令牌
I get redirected to login page as expected, if I try to login with my company account, I don't get to the consent screen and get back following error description: 我按预期重定向到登录页面,如果我尝试使用我的公司帐户登录,我没有进入同意屏幕并返回以下错误描述:
AADSTS65005: The application 'auth-test' asked for scope 'openid' that doesn't exist on the resource. AADSTS65005:应用程序'auth-test'询问资源上不存在的范围'openid'。 Contact the app vendor.
联系应用程序供应商。
If I login with my MSA account, I get to the consent screen and back to my application with an authorization token as expected 如果我使用我的MSA帐户登录,则会进入同意屏幕,并按预期使用授权令牌返回我的应用程序
So for the same app there's a difference between company account and MSA account? 那么对于同一个应用程序,公司帐户和MSA帐户之间有区别吗? What do I have to do so that I can get with my company account to the consent screen and back to the application with an authorization token?
我该怎么办才能使用我的公司帐户进入同意屏幕并使用授权令牌返回应用程序?
The reason for this error is that msal.js requires an Id Token provided by openid scope which is not added if the application does not have a redirect URL. 出现此错误的原因是msal.js需要openid作用域提供的Id令牌 ,如果应用程序没有重定向URL,则不会添加该令牌 。
Try going back to https://apps.dev.microsoft.com , edit your app's registration information, select 'Add Platform', then 'Web'. 尝试返回https://apps.dev.microsoft.com ,编辑应用的注册信息,选择“添加平台”,然后选择“网络”。 Then add a redirect URL such as http://localhost .
然后添加重定向URL,例如http:// localhost 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.