Reputation: 3150
Passport - Azure AD - Application is not supported for this API version
When I use NPM package "passport-azure-ad" to try and connect to Azure AD, I am getting the error below. I have successfully connected to Facebook, Google, and MSFT Live, successfully, but cannot figure out why Azure AD doesn't like my configuration.
What does this error mean???
Error:
Application xxx is not supported for this API version.
I've looked at quite a few articles and the GitHub repo, but each is slightly different, and doesn't make it clear which options are required.
https://github.com/AzureADQuickStarts/B2C-WebApi-Nodejs/blob/master/node-server/app.js https://github.com/Azure-Samples/active-directory-node-webapp-openidconnect/blob/master/app.js
Here's my configuration:
var OIDCStrategy = require('passport-azure-ad').OIDCStrategy;
var WINDOWS_AD_CLIENT_ID = "xxxx"
var WINDOWS_AD_CLIENT_SECRET = "xxxx"
passport.use(new OIDCStrategy({
callbackURL: "/dealer/auth/azuread/callback"
, realm: 'xxxxx' //tenant Id
, clientID: WINDOWS_AD_CLIENT_ID
, clientSecret: WINDOWS_AD_CLIENT_SECRET
, identityMetadata: 'https://login.microsoftonline.com/common/.well-known/openid-configuration'
//, tenantName: 'xxxx.onmicrosoft.com'
//, policyName: 'B2C_1_DealerSignin'
//, validateIssuer: true
//, audience: 'http://localhost:3000/dealer'
//oidcIssuer: config.creds.issuer,
, skipUserProfile: true // for AzureAD should be set to true.
, responseType: 'id_token' // for login only flows use id_token. For accessing resources use `id_token code`
, responseMode: 'form_post' // For login only flows we should have token passed back to us in a POST
//scope: ['email', 'profile'] // additional scopes you may wish to pass
},
function(iss, sub, profile, accessToken, refreshToken, done) {
console.log("Windows AD Profile retrieved")
return done(null, profile);
}
));
And Routes:
router.get('/auth/azuread',
passport.authenticate('azuread-openidconnect', { scope: 'email profile' }),
function(){
console.log("Azure AD endpoint invoked.")
});
router.post('/auth/azuread/callback',
function(req, res, next) {
console.log("Azure AD Auth callback is invoked")
next()
},
passport.authenticate('azuread-openidconnect'),
function(req, res) {
console.log("Azure AD Auth callback is finished")
res.redirect('/dealer');
}
);
Upvotes: 4
Views: 632
Answers (1)
Reputation: 7107
I ran into the same issue whenever I created my application under:
Portal.Azure.com -> Azure AD -> App Registrations
or the equivalent on the Classic Portal.
I had to create my app under:
apps.dev.microsoft.com
For it to work. Hopefully this helps someone else.
Upvotes: 1
Related Questions
- Azure AD Invalid Signature of Access Token using Passport.js
- Problem with OIDCStrategy passport-azure-ad passport js?
- Passport Azure AD This expression is not callable
- passport-azure-ad: Why am I getting "jwt audience is invalid"?
- Azure Active Directory B2C with Passport.js error "Cannot get aad federation metadata" error
- Invalid passport authentication even after sending right token of Microsoft Graph
- passport-azure-ad Strategy.prototype.jwtVerify: cannot verify token
- Node Passport-azure-ad error: "unknown authentication strategy "oauth-bearer""
- Invalid state on azure, but working locally
- Trouble using passport-azure-ad OIDCStrategy with Passportjs