Niru
Reputation: 91
Invalid audience claim in token The JSON Web Token (JWT) used as a token does not have the correct audience. Ensure you are using the correct token
Unable to authenticate against a backend api using Azure. Error says invalid audience but the aud claim had the backend api client id when troubleshooting in jwt.ms.
Upvotes: 5
Views: 24690
Answers (1)
Carl Zhao
Reputation: 9559
From your error report, it is indeed a 401 error, that is, your audience does not match the api you want to call, but your parsing token aud claims to have the backend api client ID, so I think your authentication There may be a problem with the configuration, I use the auth code flow to do a simple demonstration for you:
Next,under 'API permissions', give your front-end application access to your backend api:
- Under 'API permissions' click on 'Add permission', then click on the 'My APIs' tab.
- Find your backend application and select the appropriate scope.
- Click 'Add permissions'.
- Grant admin consent for your APIs.
Get token:
Parse the token:
Upvotes: 3
Related Questions
- "error_description":"Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."
- "authentication failed due to: jwt audience is invalid" with Azure AD
- Azure authentication - Allowed token audience value needs to be either URI or GUID format
- Microsoft Graph API: Access token validation failure. Invalid audience
- An error occurred while requesting the token with "Expose an API” scope. AADSTS70011:The provided value for the input parameter 'scope' is not valid
- AzureAD JWT Token Audience claim prefix makes JWT Token invalid
- JWT token issue on Azure Management API
- Azure Active Directory, Allowed Token Audiences doesnt appear to do anything
- UseJwtBearerAuthentication failed: Unauthorized token and The signature is invalid
- Error: A security token validation error occured for the received JWT token. Http Status Code: Unauthorized