Captain-P-Goldfish / scim-for-keycloak

a third party module that extends keycloak by SCIM functionality
BSD 3-Clause "New" or "Revised" License

Issue with Azure AD #63

Closed KalyaniBharatha closed 1 year ago

KalyaniBharatha commented 1 year ago

Hi, I am trying to add an enterprise application in Azure AD. I have added the SCIM URL and secret token (access token) and clicked on test connection. It is showing an error. Attached a screenshot. I am using Keycloak version 13. Could you provide support on this?


Captain-P-Goldfish commented 1 year ago

The access token you entered in Azure AD is invalid. This is indicated by the response status 401 not authenticated. Make sure the access token's lifetime is set correctly. I think the default is 5 minutes or less.

KalyaniBharatha commented 1 year ago

Thank you for the response. Actually, I have set the access token lifespan to 5 hours and the API is working fine when I test in Postman.

Captain-P-Goldfish commented 1 year ago

Did you configure authorization access to specific clients as explained under point 3: https://github.com/Captain-P-Goldfish/scim-for-keycloak#what-is-configurable ? If yes, only access tokens issued for this specific client will work. All other access tokens will be rejected. If you did not configure anything there, the access tokens of all clients will be accepted, leading back to the point that the access token is invalid. Make sure you do not have any whitespace or similar within the token. I have no experience with Azure AD myself, so I can only give you theoretical advice.

KalyaniBharatha commented 1 year ago

I have added a custom auth manager to check the actual issue with the token. The Keycloak logs show 'invalid token issuer': Expected https://{host}/auth/realms/{realmName}, but was https://{host}:**port**/auth/realms/{realmName}. Here the port is the difference. Our Keycloak is running on port 8443, so the port is also in the token issuer. When Azure is calling the API it is trimming the port, so we got an invalid token issuer.
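
A diagnostic for the issuer mismatch reported in the last comment, as an added example that is not part of the thread or of scim-for-keycloak: it reads the `iss` claim from an access token without verifying the signature and reports which URL component differs from the issuer the server expects. The host `keycloak.example.com`, the realm `demo` and the sample token are constructed.

```python
import base64
import json
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_issuer(token: str) -> str:
    """Read the `iss` claim WITHOUT verifying the signature (diagnostics only)."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected three dot-separated segments)")
    return json.loads(b64url_decode(parts[1]))["iss"]


def issuer_diff(token: str, expected_issuer: str) -> dict:
    """Map each differing URL component to (value in token, value expected)."""
    actual, expected = urlsplit(token_issuer(token)), urlsplit(expected_issuer)

    def fields(u):
        return {
            "scheme": u.scheme,
            "host": u.hostname,
            # An absent port means the scheme's default port.
            "port": u.port or DEFAULT_PORTS.get(u.scheme),
            "path": u.path.rstrip("/"),
        }

    a, e = fields(actual), fields(expected)
    return {k: (a[k], e[k]) for k in a if a[k] != e[k]}


def make_sample_token(issuer: str) -> str:
    # Constructed, unsigned sample token so the example runs offline.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc({'iss': issuer, 'exp': 0})}.sig"


if __name__ == "__main__":
    # Token issued via port 8443, request seen by the server without the port.
    token = make_sample_token("https://keycloak.example.com:8443/auth/realms/demo")
    print(issuer_diff(token, "https://keycloak.example.com/auth/realms/demo"))
```
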