Closed pavel-at-adamos closed 3 years ago
It turned out I was getting a token for the MS Graph API which I couldn't use for my own API. So I had to expose an API for my app and add it to the permissions in AAD. This is a really good tutorial for this case -> https://authguidance.com/2017/12/01/azure-ad-spa-code-sample/
I have the same problem as described in issue #340 - invalid signature for the access_token. I tried everything I could find but nothing seems to work. Maybe someone can point me in the right direction.
Here is my setup:
But when I use the access_token I get the "invalid signature" error. When I use the id_token it works fine. However I don't want to use the id_token because I want to implement silent refresh and I can only do that with the access_token.
Here is the configuration of my BearerStrategy:
I think the problem is that for some reason I'm getting a v1 token back instead of v2. I tried setting
"accessTokenAcceptedVersion": 2
in the manifest of the app registration but it didn't work. What am I doing wrong?
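Added example, not part of the original issue or of the library it concerns: a diagnostic that decodes an access token without verifying it and reports whether it was issued for Microsoft Graph rather than for your own API, which is the cause identified in the resolution above. The function names, the `MY_API` placeholder and the sample tokens are constructed for illustration; the Graph audience values and the header `nonce` behaviour are general Azure AD knowledge, not taken from this page.

```javascript
// Diagnosis only: this decodes a JWT WITHOUT verifying its signature.
// Never base an authorization decision on claims read this way.
const GRAPH_AUDIENCES = new Set([
  'https://graph.microsoft.com',
  '00000003-0000-0000-c000-000000000000', // Microsoft Graph application ID
]);

function decodePart(part) {
  // base64url -> base64, then parse the JSON segment
  const b64 = part.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// expectedAudiences (hypothetical parameter): the values your own API
// accepts, i.e. its client ID and/or Application ID URI.
function diagnoseAccessToken(token, expectedAudiences) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS (expected 3 parts)');
  const header = decodePart(parts[0]);
  const claims = decodePart(parts[1]);
  const findings = [];
  if (GRAPH_AUDIENCES.has(claims.aud)) {
    findings.push('aud is Microsoft Graph: token was issued for Graph, not for your API');
  } else if (!expectedAudiences.includes(claims.aud)) {
    findings.push(`aud "${claims.aud}" is not an audience your API accepts`);
  }
  if ('nonce' in header) {
    findings.push('header has a nonce (seen on Graph tokens): not meant to be validated by your API');
  }
  return { aud: claims.aud, ver: claims.ver, findings };
}

// Constructed sample tokens: fake signature, placeholder IDs.
function makeSample(header, claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc(header)}.${enc(claims)}.c2ln`;
}
const MY_API = 'api://11111111-2222-3333-4444-555555555555'; // placeholder
const graphToken = makeSample({ alg: 'RS256', nonce: 'constructed' },
  { aud: '00000003-0000-0000-c000-000000000000', ver: '1.0' });
const apiToken = makeSample({ alg: 'RS256' }, { aud: MY_API, ver: '2.0' });

console.log(diagnoseAccessToken(graphToken, [MY_API])); // two findings
console.log(diagnoseAccessToken(apiToken, [MY_API]));   // no findings
```

The `ver` claim in the output shows which token version was issued, which is the value the `accessTokenAcceptedVersion` manifest setting of the target API is meant to control.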