Reputation: 16011
Exception of type 'Web.TPEngine.Providers.BadArgumentRetryNeededException' was thrown
When users try to sign-in they receive "Your password is incorrect" but I know the username/password is valid.
I configured the user journey recorder and I'm receiving the following:
Exception of type 'Web.TPEngine.Providers.BadArgumentRetryNeededException' was thrown.
What does this error mean and how do I fix it?
Upvotes: 3
Views: 584
Answers (3)
Reputation: 41
All of the above is absolutely correct:
- ProxyIdentityExperienceFramework application type MUST be Native
- MUST configure permission and do not forget to click "Grant Permissions"
Also what gets me almost every time is forgetting to paste the Application ID's for ProxyIdentityExperienceFramework and IdentityExperienceFramework into the XML policy, under the "login-NonInteractive" technical profile.
Like this:
<ClaimsProvider>
<DisplayName>Local Account SignIn</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="login-NonInteractive">
<Metadata>
<Item Key="client_id">xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</Item><!-- ProxyIdentityExperienceFramework -->
<Item Key="IdTokenAudience">xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</Item><!-- IdentityExperienceFramework -->
</Metadata>
<InputClaims>
<InputClaim ClaimTypeReferenceId="client_id" DefaultValue="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" /> <!-- ProxyIdentityExperienceFramework -->
<InputClaim ClaimTypeReferenceId="resource_id" PartnerClaimType="resource" DefaultValue="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" /> <!-- IdentityExperienceFramework -->
</InputClaims>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>
Upvotes: 0
Reputation: 6678
@spottedmahn is 100% correct. For me, I missed the Grant Permissions part.
Also, you must do both of these
- configure the IdentityExperienceFramework permission
- click Grant Permissions
PS. Did I mention that if you don't click Grant Permissions nothing will work; seriously!
Upvotes: 3
Reputation: 16011
Turns out, when the ProxyIdentityExperienceFramework Azure AD App was created, it was created incorrectly. It was created as a Web app / API, not a native app like it was supposed to be.
Upvotes: 2
Related Questions
- Microsoft.IdentityModel does not support a B2C issuer with 'tfp' in the URI
- azure b2c - an exception has occurred
- AzureB2C Identity Provider Login Failed : AADB2C99002: User does not exist
- Azure B2C - The provided token does not contain a valid issuer
- Authentication failed: com.microsoft.identity.client.exception.MsalArgumentException: scopes cannot be null or empty
- Negative Scenario on login
- Invalid response signing in via Microsoft identity provider with Azure AD B2C
- Error 70001 trying to sign in as Azure AD B2C user with custom Identity Experience Framework policy
- Internal Server Error in B2C for Email/UPN in Username Field
- 500 Internal Server Error in Azure AD B2C