
Azure B2C Bearer error="invalid_token", error_description="The signature key was not found"

I took the Microsoft sample which is using client_credentials flow https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2/tree/master/2-Call-OwnApi

and modified it using my values exactly as the guide says, but I still get the following error when I try to access my API:

Bearer error="invalid_token", error_description="The signature key was not found"

Any ideas what might be wrong here?

If you want to do some troubleshooting, you can drop the access token JWT into jsonwebtoken.io and get the kid field from the JWT header. After you get the kid, you can check your authorization server's keys by going to https://[my okta org].com/oauth2/default/v1/keys

This will give you the list of public keys by ID. Hope this information helps you troubleshoot. Let me know if you still have problems.

Check a couple things for me:

1. Are you setting the issuer in your widget / auth js?
2. If you are, is the issuer the same as your default authorization server?
3. Double check that the [my okta url] is correct
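An added example (not part of the original answers) of the check described above, done locally instead of in an online decoder: it reads the kid and iss from a token without verifying it and compares them with a keys document and the issuer the API is configured for. The token, key IDs and issuer URL are constructed sample values, and the function names are hypothetical.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_token(token: str) -> dict:
    """Read kid/alg from the header and iss/aud from the payload. No verification."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    claims = json.loads(b64url_decode(parts[1]))
    return {"kid": header.get("kid"), "alg": header.get("alg"),
            "iss": claims.get("iss"), "aud": claims.get("aud")}


def diagnose(token: str, jwks: dict, expected_issuer: str) -> list:
    """Compare the token's kid and iss with the published keys and configured issuer."""
    info = inspect_token(token)
    published = [k.get("kid") for k in jwks.get("keys", [])]
    problems = []
    if info["kid"] is None:
        problems.append("token header has no kid")
    elif info["kid"] not in published:
        problems.append(f"kid {info['kid']!r} not in published keys {published}")
    if info["iss"] != expected_issuer:
        problems.append(f"issuer {info['iss']!r} != configured {expected_issuer!r}")
    return problems


def _segment(obj) -> str:
    """Encode a dict as an unpadded base64url JWT segment (sample data only)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample: a token signed with "key-A" while the keys document lists B and C.
SAMPLE_TOKEN = ".".join([_segment({"alg": "RS256", "typ": "JWT", "kid": "key-A"}),
                         _segment({"iss": "https://issuer.example/v2.0/", "aud": "my-api"}),
                         "c2ln"])
SAMPLE_JWKS = {"keys": [{"kty": "RSA", "kid": "key-B"}, {"kty": "RSA", "kid": "key-C"}]}

if __name__ == "__main__":
    found = diagnose(SAMPLE_TOKEN, SAMPLE_JWKS, "https://issuer.example/v2.0/")
    for line in found or ["kid and issuer match"]:
        print(line)
```

To use it on a real case, pass the token your client obtained and the JSON returned by the keys URL of the authority the API is configured with.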

I solved it by using the console application sample that Microsoft provided together with the Web API sample that Microsoft provided as well; together they both work. I shouldn't have tried to write my own code, it's very tricky if you miss a tiny piece. One thing I want to add: Microsoft says using api://GUID format as a scope, that seems wrong, or did not work with me; what worked is the full URL of the exposed API + /.default, example

https://mydomain.onmicrosoft.com/myapiname, that works just fine.
