Please note that I am not using a cross organization instance in my Azure Ad configuration.
I run my API, this calls the hosted service which executes successfully. For calling the external service, I use IDownstreamApi interface like the following:
The hosted service executes successfully without erros.
When I try to downstreamService 2, I have the following error:
Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
I am using the same code for calling downstream service 2 as for service 1.
Error message
Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
Please notre that I only get this error message when I run the hosted service.
Id Web logs
An error occurred: Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
MSAL.NetCore.4.60.3.0.MsalClientException:
ErrorCode: tenant_override_non_aad
Microsoft.Identity.Client.MsalClientException: Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
at Microsoft.Identity.Client.BaseAbstractApplicationBuilder1.ResolveAuthority() at Microsoft.Identity.Client.AbstractApplicationBuilder1.BuildConfiguration()
at Microsoft.Identity.Client.ConfidentialClientApplicationBuilder.BuildConcrete()
at Microsoft.Identity.Client.ConfidentialClientApplicationBuilder.Build()
at Microsoft.Identity.Web.TokenAcquisition.BuildConfidentialClientApplicationAsync(MergedOptions mergedOptions)
at Microsoft.Identity.Web.TokenAcquisition.GetOrBuildConfidentialClientApplicationAsync(MergedOptions mergedOptions)
at Microsoft.Identity.Web.TokenAcquisition.GetAuthenticationResultForAppAsync(String scope, String authenticationScheme, String tenant, TokenAcquisitionOptions tokenAcquisitionOptions)
at Microsoft.Identity.Web.DefaultAuthorizationHeaderProvider.CreateAuthorizationHeaderForAppAsync(String scopes, AuthorizationHeaderProviderOptions downstreamApiOptions, CancellationToken cancellationToken)
at Microsoft.Identity.Web.DownstreamApi.UpdateRequestAsync(HttpRequestMessage httpRequestMessage, HttpContent content, DownstreamApiOptions effectiveOptions, Boolean appToken, ClaimsPrincipal user, CancellationToken cancellationToken)
at Microsoft.Identity.Web.DownstreamApi.CallApiInternalAsync(String serviceName, DownstreamApiOptions effectiveOptions, Boolean appToken, HttpContent content, ClaimsPrincipal user, CancellationToken cancellationToken)
at....
Microsoft.Identity.Web Library
Microsoft.Identity.Web.DownstreamApi
Microsoft.Identity.Web version
2.18.1
Web app
Sign-in users
Web API
Protected web APIs (validating tokens)
Token cache serialization
In-memory caches
Description
Observed Issue
I am getting the following error, only when adding a hosted service on applcation startup:
Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
I precise that the error is not reproduced when I remove my hosted service that I register with classic aspnet core
AddHostedService<>
method.Reproduction steps
CallApiForAppAsync
method.services.AddHostedService<ReplicasInitalizationHostedService>();
Please note that the hosted service calls the downstream service 1 declared in the above authentication configuration.
Azure Ad Configuration on appsettings.json level:
Service config section:
Please note that I am not using a cross organization instance in my Azure Ad configuration.
The hosted service executes successfully without erros.
Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
I am using the same code for calling downstream service 2 as for service 1.
Error message
Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it.
Please notre that I only get this error message when I run the hosted service.
Id Web logs
An error occurred: Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it. MSAL.NetCore.4.60.3.0.MsalClientException: ErrorCode: tenant_override_non_aad Microsoft.Identity.Client.MsalClientException: Cannot use WithTenantId(tenantId) in the application builder, because the authority Generic doesn't support it. at Microsoft.Identity.Client.BaseAbstractApplicationBuilder
1.ResolveAuthority() at Microsoft.Identity.Client.AbstractApplicationBuilder
1.BuildConfiguration() at Microsoft.Identity.Client.ConfidentialClientApplicationBuilder.BuildConcrete() at Microsoft.Identity.Client.ConfidentialClientApplicationBuilder.Build() at Microsoft.Identity.Web.TokenAcquisition.BuildConfidentialClientApplicationAsync(MergedOptions mergedOptions) at Microsoft.Identity.Web.TokenAcquisition.GetOrBuildConfidentialClientApplicationAsync(MergedOptions mergedOptions) at Microsoft.Identity.Web.TokenAcquisition.GetAuthenticationResultForAppAsync(String scope, String authenticationScheme, String tenant, TokenAcquisitionOptions tokenAcquisitionOptions) at Microsoft.Identity.Web.DefaultAuthorizationHeaderProvider.CreateAuthorizationHeaderForAppAsync(String scopes, AuthorizationHeaderProviderOptions downstreamApiOptions, CancellationToken cancellationToken) at Microsoft.Identity.Web.DownstreamApi.UpdateRequestAsync(HttpRequestMessage httpRequestMessage, HttpContent content, DownstreamApiOptions effectiveOptions, Boolean appToken, ClaimsPrincipal user, CancellationToken cancellationToken) at Microsoft.Identity.Web.DownstreamApi.CallApiInternalAsync(String serviceName, DownstreamApiOptions effectiveOptions, Boolean appToken, HttpContent content, ClaimsPrincipal user, CancellationToken cancellationToken) at....Relevant code snippets
Regression
No response
Expected behavior
I expect the token to be acquired succesfully for the configured downstream service 2