Vibhooti Singh Visen

Reputation: 21

Azure AD B2C custom policy signin/signup error: AADB2C: Encryption key must be a 256-bit key error

I am trying to use a custom policy to create a passwordless signin/signup flow in Azure AD B2C. I have modified this sample a little bit and am using it. So now I am able to see the login and signup screens, but when I try to log in or sign up, the process starts and goes ahead but finally gives me an error saying: AADB2C: Encryption key must be a 256-bit key error. The user signup actually happens behind the scenes, because I am not able to use the same email ID again to sign up, so the issue is actually with the signin operation.

I checked this answer but it did not help.

I have been trying to find the solution for a very long time. Desperately need some help. Thanks.

Upvotes: 0

Views: 451

Answers (3)

Dilan Pauli

Reputation: 1

I had this same problem. My issue was that the encryption key was set to signing instead of encryption.

When creating the signing and encryption keys under the Policy Keys section of the Identity Experience Framework, please double-check that they are both of type RSA and that the "signing" key is configured for signing and the encryption key is configured for encryption.

Upvotes: 0
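
The check described in the answer above, as an added example that is not part of the original post: it audits a policy key listing for key type and usage. The container names (taken from the B2C custom policy starter pack), the JSON shape (assumed to follow Microsoft Graph's trustFrameworkKeySet resource, an `id` plus a `keys` array carrying `kty` and `use`), and the sample data are assumptions constructed for illustration.

```python
import json

# Expected (kty, use) per policy key container, following the answer above:
# both keys RSA, one configured for signing and one for encryption.
# Container names are assumed from the B2C custom policy starter pack.
EXPECTED = {
    "B2C_1A_TokenSigningKeyContainer": ("RSA", "sig"),
    "B2C_1A_TokenEncryptionKeyContainer": ("RSA", "enc"),
}

# Constructed sample; shape assumed from Graph's trustFrameworkKeySet resource.
# Here the encryption container was mistakenly created with usage "sig".
SAMPLE = """
{"value": [
  {"id": "B2C_1A_TokenSigningKeyContainer",
   "keys": [{"kid": "constructed-kid-1", "kty": "RSA", "use": "sig"}]},
  {"id": "B2C_1A_TokenEncryptionKeyContainer",
   "keys": [{"kid": "constructed-kid-2", "kty": "RSA", "use": "sig"}]}
]}
"""

def audit_keysets(doc, expected=EXPECTED):
    """Return a list of findings; an empty list means every key matches."""
    findings = []
    # Compare container names case-insensitively.
    by_id = {ks.get("id", "").lower(): ks for ks in doc.get("value", [])}
    for name, (kty, use) in expected.items():
        keyset = by_id.get(name.lower())
        if keyset is None:
            findings.append(f"{name}: container missing")
            continue
        keys = keyset.get("keys") or []
        if not keys:
            findings.append(f"{name}: container has no keys")
        for key in keys:
            got_kty, got_use = key.get("kty"), key.get("use")
            if got_kty != kty:
                findings.append(f"{name}: key type {got_kty!r}, expected {kty!r}")
            if got_use != use:
                findings.append(f"{name}: usage {got_use!r}, expected {use!r}")
    return findings

if __name__ == "__main__":
    for line in audit_keysets(json.loads(SAMPLE)) or ["policy keys look correct"]:
        print(line)
```
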

Jas Suri - MSFT

Reputation: 11335

Likely you have created the B2C Policy Key (TokenSigningContainer) incorrectly.

  • Delete the B2C Policy Keys that you have set up.

  • Run the setup tool here - It will reprovision the B2C starter pack, and create the keys automatically if they do not exist.

  • Run the quick deploy for this passwordless sample here.

Upvotes: 1

mohit agrawal

Reputation: 119

As you said, you have checked the provided answer, but can you check again the key created from the following URI? The error suggests that there was an issue while the key was created. If possible, delete the key and recreate it with the same name used in the code.

Upvotes: 0
