Reputation: 1445
.Net Core Web API manually validate Azure AD access Token and get user details
I need to validate an Azure AD token(loginResponse.idToken) generated by an React app after Azure AD Validating the user.
In my Web API backend I need to manually validate the token in one of my Web API's and get the user details from the access token. And then send a new JWT token create by the .Net core app.
I tried to validate the Azure AD token, but failed. I tried based on the example on validating the token, but failed.
It returns the error "Signature validation failed. Unable to match key: kid: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]".
Can anyone help me to validate the token and get the user details form the token.
Upvotes: 1
Views: 4587
Answers (1)
Reputation: 9549
This error is caused by the scope. You may have set the wrong scope.
I answered similar questions before, first you need to expose the api of the back-end application in Azure. Then you need to set the scope to: {your api application client id}/{scope name}.
Please be careful not to add the api:// prefix.
Upvotes: 1
Related Questions
- dotnetcore 3.1 webapi with Microsoft.Identity.Web that both validates user and app tokens
- Azure AD Authentication with .NET Core Web API
- Asp.net core API authenticate with AzureAD Token
- Validating Azure AD ID Token on Web API
- how to validate azure active directory token in webapi
- ASP.NET Core Web API + Azure AD Authentication
- Validate AzureAD token in Web Api
- Authenticate and get Azure AD token in .net core Web API with grant_type as Password
- Authenticate user with Azure AD on .NET Core API?
- Validate access token for WEB API protected by Azure AD