Closed dochoss closed 4 years ago
@dochoss thank you very much : ) There isn't anything wrong with your code as far as I can see, so I think it would be best if you could send us a Fiddler trace (or any other network trace) and if you have any repository that we could look into that would be great as well. Please send them over mail to v-doeris at microsoft com.
@derisen I'll be able to get that done on Monday. Don't close this over the weekend! :)
@dochoss any updates on this?
Closing due to inactivity.
HI Team,
I am facing similar issue, token is generated but still i am facing same issue (401 even with a valid token)
Below is my code
export const getAuthToken = async () => {
const msal = require("@azure/msal-node");
// const msal = require("@azure/msal-browser");
const msalConfig = {
auth: {
clientId: "ClientID",
authority: Authority,
clientSecret: "clientSecret",
navigateToLoginRequestUrl: false
},
cache: {
// your implementation of caching
cacheLocation: "sessionStorage", // This configures where your cache will be stored
storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge
},
system: {
loggerOptions: { /** logging related options */ }
}
};
const cca = new msal.ConfidentialClientApplication(msalConfig); //const myMSALObj = new msal.PublicClientApplication(msalConfig); const usernamePasswordRequest = { //scopes: ["user.read"], username: EnvVariables.OrgAdminUserName, // Add your username here password: EnvVariables.OrgAdminPassword, // Add your password here }; // await myMSALObj.acquireTokenWithUsernamePassword const accessToken = await cca.acquireTokenByUsernamePassword(usernamePasswordRequest).then((response) => { console.log("acquired token by password grant in confidential clients"); return response.accessToken; }).catch((error) => { console.log(error); }); };
//token passing to the axios Get call
export const ExecuteGetRequest = async (getUrl: string) => {
const token = await getAuthToken();
return await axiosDefault.get(getUrl, {
headers: {
"Authorization": `Bearer ${token}`,
"Content-Type": "application/json",
},
});
};
Hi, MS Identity team,
First, I want to say that I appreciate the work you guys are doing to simplify auth as a whole. It's my weakest point in development, by far. I just feel like there's something I'm not getting and your work is helping. So here's my situation...
I have a .Net Core 3.1 Web API I want to protect with an AAD-issued bearer access token. I'm getting the token using MSAL and that is working fine. I've verified the token at jwt.ms and everything looks good:
aud
is my API's client ID from AAD,scp
is my custom scope that I'm requesting, andiss
islogin.microsoftonline.com/<my tenant id>
as expected. I get the token with MSAL and add it to my request using JavaScriptfetch
and adding the token to the 'Authentication' header with the valueBearer <token>
.If I leave off the
[Authorize]
attribute in the web API (allowing anonymous access), I can see that the token is indeed included in the request headers and that the value is the same as it should be. However, when I add the[Authorize]
attribute, the response is a 401 and no code is being run in the API.Details of my configurations are below. Please let me know what other information I can provide to figure this out. If need be, also let me know if there's a better place to ask for this type of help.
CLIENT
msalConfig.js
auth.js
Vue component (only showing script tag for brevity)
API
Startup.cs (only showing relevant parts)
appSettings.json