Difference between company account and MSA account with msal
Question
I'm creating an test application with MSAL to see how we can implement it in our products. I stumbeled upon something I can't explain, so I hope someone can explain it to me.
I can configured the application like this on app dev site
I use msal.js to get an authorization token
I get redirected to login page as expected, if I try to login with my company account, I don't get to the consent screen and get back following error description:
AADSTS65005: The application 'auth-test' asked for scope 'openid' that doesn't exist on the resource. Contact the app vendor.
If I login with my MSA account, I get to the consent screen and back to my application with an authorization token as expected
So for the same app there's a difference between company account and MSA account? What do I have to do so that I can get with my company account to the consent screen and back to the application with an authorization token?
1 answers
solution1
0 2018-01-11 20:26:12
The reason for this error is that msal.js requires an Id Token provided by openid scope which is not added if the application does not have a redirect URL.
Try going back to https://apps.dev.microsoft.com , edit your app's registration information, select 'Add Platform', then 'Web'. Then add a redirect URL such as http://localhost .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.