32 questions
0
votes
0
answers
42
views
Spring Kafka consumer stops consuming after 1–2 days with ExpiringCredentialRefreshingLogin logs
I have a Spring Kafka application with a single consumer. The Kafka client authentication is configured using SASL/OAUTHBEARER over SSL, as shown below:
authProps.put(SaslConfigs.SASL_MECHANISM,...
- 271
0
votes
1
answer
218
views
How to acquire Azure management token and call HTTP in .NET for Azure B2C domain name availability check?
I've been working on setting up Azure AD B2C tenants and encountered a roadblock when trying to verify domain name availability before creating a tenant. Following a helpful response on my previous ...
- 29
0
votes
1
answer
196
views
How can I ensure a domain name isn't already taken before creating Azure B2C tenant?
I'm in the process of setting up Azure AD B2C tenants, but I
keep encountering a roadblock. Whenever I try to use a specific domain
name, it tells me it's "Already in use by another directory.&...
- 29
0
votes
1
answer
402
views
Unable to generate access token. invalid_grant error, AADSTS65001:The user or administrator has not consented to use the application with ID
Context: I'm building a web app that intends to provide insights and analysis on user's Sharepoint and OneDrive data. Users should be able to come to my web app, connect their Sharepoint and OneDrive ...
- 101
1
vote
1
answer
352
views
Is it possible to for users to only grant a subset of permissions on OAuth Authorization Code Flow?
I would like to be able to modulize my app in such a way that users do not need to grant consent for all resources during registration.
Let's say I have a Calendar + Contacts management app. The ...
- 535
1
vote
1
answer
1k
views
OAuth Access Token Exchange Protocol
We have an application registration on Azure AD to which users authenticate to by requesting their own access token:
{
"aud": "CLIENT_ID",
"iss": "https://login....
- 453
0
votes
1
answer
6k
views
Decoding azure access token obtained by client credential flow
Got access token using azure.identity ClientSecretCredential client credential flow but when trying to decode using the PyJwt library giving me the below error.
ValueError: Could not deserialize key ...
- 1,721
0
votes
0
answers
1k
views
Springboot reactive webflux with oauth2 client credentials flow for azure active directory
I'm trying to get the springboot webflux oauth2 client_credentials flow work but the application is working as expected.
Referring to a lot of questions and answers on stackoverflow, springboot docs I ...
- 1,812
0
votes
1
answer
6k
views
Can I set two different Redirect URL (Reply URL) inside a SPA application inside Azure AD
I am running a React application. I have registered this application with Azure AD (got one client id). I am also implementing oAuth using Azure React MSAL package.
I am running this application ...
- 5,726
0
votes
1
answer
2k
views
Getting Azure AD Enterprise Application user group in jwt token using MSAL in C#
I have an application in Vue.js that obtains user/bearer tokens using oidc-client that gives information about the usergroups in a particular Enterprise Application in Azure AD, the current logged in ...
- 477
0
votes
1
answer
2k
views
How to generate Access Token for Azure with grant type password? PowerBI REST API
I want to be able to get access tokens automatically without the need of user interaction (that is manually typing the credentials in an OAuth pop-out).
I'm using grant_type: password for this; ...
- 25
0
votes
1
answer
74
views
How should I create app registrations on-demand for my users in Azure B2C?
I have a simple ASPNET Core Razor Pages app + ASPNET Core API:
for example the API just has:
builder.Services
.AddAuthentication(...)
.AddMicrosoftIdentityWebApi()
Razor pages has:
builder....
- 3,213
0
votes
1
answer
2k
views
MS Graph API Granted Scopes not reflecting in the Access Token
We have a mail integration for MS mailboxes and we use MS Graph API for our integration. We have created an OAuth app and the right Mail scopes have been added to the app, while generating the access ...
-1
votes
1
answer
333
views
Power Bi Azure Cost Management - oauth token
I use Azure Cost Management connector to retrieve data directly info Power Bi. There is an authentication process which based on personal account generate OAuth token (automatically). Token is valid ...
- 237
0
votes
1
answer
1k
views
How to make all refresh tokens invalid for getting access token to make it more secure
Somehow I managed to reduce default access token lifetime to 30 minutes. This made tokens to expire or invalid after 30 minutes. Now the problem is few users already got refresh tokens along with ...
- 77
4
votes
2
answers
6k
views
Microsoft/Azure OAuth failing, my organization lacks a service principal
I've been trying to use the Bing Ads API, but can't even make it past the first step. I've followed these steps to the letter, but am getting stuck at the part where I need to ask for user consent.
I'...
- 485
0
votes
0
answers
380
views
OAuth authentication with EWS Managed API applications for a specific mailbox
We changed our application such that it authenticates an EWS application by using OAuth. The article «Authenticate an EWS application by using OAuth» was of great help.
The subsection «Configure for ...
- 145
0
votes
0
answers
433
views
Use HWIOAUTHBundle with LexikJWT in a api-platform project
I havn't no issue to build an api with api-platform and generate token with LexikJwt and refresh with gedinet bundle.
It's easy (thanks a lot, it's a great doc).
I use Symfony 6.1 and try to integrate ...
0
votes
1
answer
2k
views
Admin-approved User.Read.All scope is not granted in the OAuth token scopes
My Azure app has the scope User.Read.All approved by an admin:
I request the following scopes in my oauth registration:
scope:
- profile
- email
- openid
- offline_access
- User.Read.All
-...
- 9,285
2
votes
2
answers
7k
views
How to get email from Microsoft graph api oidc/userinfo endpoint
I have setup oauth via azure, i have received an authorization_code which i have exchanged for an access_token. I am then attempting to use that access token to get userinfo data including the email ...
- 19.9k
3
votes
1
answer
887
views
Azure Active Directory add custom data to Oauth2 token
I'm using the auth endpoint https://login.microsoftonline.com/tenant-id/oauth2/v2.0/token programmatically (Nodejs) for getting back a token that will be used against my API. I have everything ...
- 283
0
votes
1
answer
868
views
Azure APIM oAuth workflow - refresh token is missing
I enabled oAuth in Azure API management. Then using ClientId, Client Secret, Scope, Access Token URL & Grant Type, I was able to get the access token. How can I get the refresh token from the API ?...
- 5,726
0
votes
1
answer
3k
views
Is this the right way to implement oAuth 2.0 for azure API management
I followed https://www.youtube.com/watch?v=TRrBqNYtyj8 video to secure my backend API using Azure API management. After following the steps the workflow was not working and I had to add an additional ...
- 5,726
1
vote
1
answer
108
views
Why does Visual Studio skip some directories like Controllers, Classes, and App_Start when publishing to Azure?
I have a classic ASP.Net forms based website where I have added s set of API hits based on the OAuthAuthorizationServerProvider class. It works great locally, now I trying to publish it to an Azure ...
- 775
0
votes
2
answers
1k
views
Azure API management - oAuth is not working
I am trying to access a service using Azure API management. I have enabled oAuth authentication on top of the service by using API's > Settings > Security and selexting oAuth 2.0. But Even after ...
- 5,726
0
votes
1
answer
130
views
Understanding oAuth workflow
I am reading an article which talks oAuth workflow. Article has a sequence diagram:
I have few questions about the oAuth workflow:
The first endpoint shouldn't it be called Authenticate and not ...
- 5,726
0
votes
1
answer
545
views
Gdal connection to Azure Data Lake Storage (Gen 2) virtual file using AZURE_STORAGE_ACCESS_TOKEN
I want to access my Azure Data Lake Storage (Gen 2) files from gdal version 3.5 using authentication with AZURE_STORAGE_ACCESS_TOKEN as described here:https://gdal.org/user/virtual_file_systems.html#...
0
votes
1
answer
1k
views
steps to create PowerBI API token
i'm using this URL https://login.windows.net/(the Tenant ID of the App that i made in Azure AD)/oauth2/token to create a Token for PowerBI API. my postman looks like this:
but when i use this Access ...
- 10.5k
0
votes
2
answers
2k
views
MSAL - Network request failed. Please check network trace to determine root cause
I am trying to use MSAL for node.js for OAuth 2.0 authentication, and I'm getting an error when calling acquireTokenByAuthCode.
Network request failed. Please check network trace to determine root ...
- 1,937
0
votes
1
answer
1k
views
For IMAP.AccessAsUser.All Scope ADSTS65001: The user or administrator has not consented to use the application
In my java web application I want to get access to user's mailbox by using jakarta mail. For that purpose I followed https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-...
- 4,563
7
votes
1
answer
2k
views
Protecting SPA and API using Azure AD and app roles
I am building a system where a SPA can call an API. The SPA as well as the API are represented in Azure AD using app registrations that require users to be assigned to it.
During the assignment, the ...
- 2,324
3
votes
1
answer
9k
views
Azure registered app error: The user or administrator has not consented to use the application with ID
We´re trying to get the token for Oauth using the official docs request:
https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id='my client id'
&scope=https%3A%2F%2Fgraph....
- 2,078