MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

Issue with active-directory-verifiable-credentials-dotnet\1-asp-net-core-api-idtokenhint #97959

Open SuperGraham opened 1 year ago

SuperGraham commented 1 year ago

Hello, I am following these instructions - https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-issuer

I have got to the point where I am running the DotNet app and then going to http://localhost:5000/issuer. All good so far.

The first error is this: fail: AspNetCoreVerifiableCredentials.IssuerController[0] Unsuccesfully called Request API{"requestId":"8c92680f21a1e920e328569e495c72c0","date":"Sat, 03 Sep 2022 10:59:25 GMT","mscv":"iebwhg6QETE1wz8h.1","error":{"code":"badRequest","message":"The request is invalid.","innererror":{"code":"badOrMissingField","message":"The request does not contain a valid authority DID.","target":"authority"}}}

Here https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-issuer#update-the-sample-application, the IssuerAuthority and VerifierAuthority are shown as "did:web:example.com..." I removed the ... at the end and then the error changes to this.

fail: AspNetCoreVerifiableCredentials.IssuerController[0] Unsuccesfully called Request API{"requestId":"bca897e355e5f5e9006921d51a725fdf","date":"Sat, 03 Sep 2022 11:02:28 GMT","mscv":"nQU7CCpVg4wN1KMp.1","error":{"code":"badRequest","message":"The request is invalid.","innererror":{"code":"badOrMissingField","message":"Cannot lookup Callback hostname yourpublicreachablehostname","target":"callback.url"}}}

Now I am lost. Any ideas?



SuperGraham commented 1 year ago

In Entra I created a verified employee credential and then a QR code is displayed. However, when I scan the QR code with the Microsoft Authenticator app on my phone I get an error that says 'Oh no, Something went wrong!' Error Details: Signature is not valid on Presentation Request.

SwathiDhanwada-MSFT commented 1 year ago

@SuperGraham Thanks for your comment. We will review the issue and get back to you shortly.

SuperGraham commented 1 year ago

I rebuilt everything to see if I could spot the problem but the result is the same. When I scan the QR code with a QR reader app instead of the Microsoft Authenticator app, I see the following.

https://beta.eu.did.msidentity.com/v1.0/tenants//verifiablecredentials/issuanceRequests/

Does the fact the FQDN is beta.eu.did.msidentity.com instead of verifiedid.did.msidentity.com make any difference?

MarileeTurscak-MSFT commented 1 year ago

Hi @SuperGraham,

I saw a similar issue reported here with the same error message: https://github.com/MicrosoftDocs/azure-docs/issues/97977

Based on the discussion in this thread it looks like if you are adding an access policy for the application you need to add the policies for both the Verified Credentials Service and the Verifiable Service Request.

Is this the same issue you are seeing?

SuperGraham commented 1 year ago

Hi @MarileeTurscak-MSFT - The extra permissions were already there.


I also added permissions for Verifiable Credentials Service to the Verifiable Credentials App.

I am getting the same error. Once I scan the QR code with the Authenticator app I see 'Oh no! Something went wrong!' The technical details show 'Error Details: Signature is not valid on Presentation Request.'

A few clarifications:

The sample JSON shows '"CredentialManifest": "https://verifiedid.did.msidentity.com/v1.0/12345678-0000-0000-0000-000000000000/verifiableCredentials/contracts/VerifiedCredentialExpert"' My manifest URL ends with a string of random characters then /manifest. Do I have to take the sample in the JSON and edit it with my tenant ID so it ends with VerifiedCredentialExpert or use my exact manifest URL?

"Using your mobile device, scan the QR code with the Authenticator app. You can also scan the QR code directly from your camera, which will open the Authenticator app for you." When I scan with the Authenticator app do I select personal account, work or school account or other account (Google, Facebook, etc.)? - I'm guessing work or school account. When I scan the QR directly with my camera nothing happens so the statement 'You can also scan the QR code directly from your camera, which will open the Authenticator app for you.' is incorrect. I know this will change phone to phone, but it's not working for me.

Taimoor-Bha commented 1 year ago

I have the same problem as @SuperGraham. Has anyone found a solution?

ggogel commented 1 year ago

I was able to reproduce this issue.

I've set up the Verified ID on a test tenant to a domain from a static web app. After that, I stopped and in the meantime, a colleague reset the service and installed it on another domain. When I came back I reset it again and set it to my domain. VerifiedID immediately confirmed the domain.

I continued with the tutorial and was facing the error "Signature is not valid on Presentation Request".

I checked the Verified ID setup again and saw that the did.json and did-configuration.json actually had changed but it accepted the old ones regardless. After I uploaded the new JSON files to my static web app the issuance finally worked.

So it seems to me that the Verified ID setup is just checking if the files are there but not their actual content.

Make sure that your .well-known path actually contains the correct files offered by the setup process.
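
The check recommended in the last comment, written out as an added example (not part of the thread or of the sample application): it compares the `did.json` and `did-configuration.json` offered by setup with the copies currently served under `.well-known`. The `linked_dids` and `iss` field names are assumed from the DIF Well-Known DID Configuration format, the sample files and their JWT are constructed, and in practice the served copies would be downloaded from the domain first.

```python
import base64
import json

def jwt_payload(token):
    """Decode a JWT payload without verifying its signature (inspection only)."""
    body = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))

def make_jwt(kid, payload):
    """Build a stand-in JWT with a fake signature for the constructed samples."""
    parts = [{"alg": "ES256K", "kid": kid}, payload]
    enc = [base64.urlsafe_b64encode(json.dumps(p).encode()).rstrip(b"=").decode() for p in parts]
    return ".".join(enc + ["constructed-signature"])

def check_well_known(did, offered, served):
    """Compare the files setup offered with the served ones; return the problems found."""
    problems = []
    for name in ("did.json", "did-configuration.json"):
        if json.loads(offered[name]) != json.loads(served[name]):
            problems.append(f"{name}: served copy differs from the file offered by setup")
    if json.loads(served["did.json"]).get("id") != did:
        problems.append("did.json: id is not the authority DID")
    linked = json.loads(served["did-configuration.json"]).get("linked_dids", [])
    if not any(jwt_payload(t).get("iss") == did for t in linked):
        problems.append("did-configuration.json: no linked DID issued by the authority")
    return problems

# Constructed sample data: same domain and DID, but the service was reset,
# so the key material in the files changed while the old files stayed online.
DID = "did:web:example.com"

def sample_files(key_id):
    doc = {"id": DID, "verificationMethod": [{"id": f"{DID}#{key_id}", "controller": DID}]}
    claims = {"iss": DID, "sub": DID,
              "vc": {"credentialSubject": {"id": DID, "origin": "https://example.com/"}}}
    config = {"linked_dids": [make_jwt(f"{DID}#{key_id}", claims)]}
    return {"did.json": json.dumps(doc), "did-configuration.json": json.dumps(config)}

OFFERED = sample_files("key-after-reset")   # what the setup page currently offers
STALE = sample_files("key-before-reset")    # what is still served under .well-known

if __name__ == "__main__":
    for problem in check_well_known(DID, OFFERED, STALE):
        print(problem)
```

The stale files pass the identifier checks because the DID is unchanged after a reset to the same domain; only the content comparison reveals them.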