ADAL JS - response_type="token" is not supported

Tags: azure, adal

I'm using adal.js to auth with Azure AD. I have a webApp and a webApi. Pretty much my apps follow this sample: https://github.com/AzureADSamples/SinglePageApp-WebAPI-AngularJS-DotNet .

I was able to log in to my webApp, and adal.js successfully acquired a token for my webApi and injected it into a request. All was working until recently. Then token acquisition for the webApi stopped working with the error:

"response_type 'token' is not supported for the application"

renewToken is failed:AADSTS70005: response_type 'token' is not supported for the application Trace ID: 104c18e3-eb6e-42a4-a292-c6f170f27f65 Correlation ID: c2e65622-0c58-473a-8184-b3056fb1af58 Timestamp: 2015-03-27 22:53:12Z

I can clearly see that adal.js is building a request and puts "response_type=token" into the query string. So, my assumption is that something changed on the Azure AD side.

I found one article that correlates response_type=token to the implicit grant flow. I confirmed that my webApp has "oauth2AllowImplicitFlow" enabled. I have contacted MS support and am waiting for a resolution. Meanwhile, I wanted to share this with the community and see whether someone has any information regarding the issue.

Thanks

Asked by serg.salo, Mar 29 '15 (927 likes)


2 Answers

If you are building a client-side app, you need to enable Implicit flow from the application manifest.

  1. Open your application configuration in the Azure portal, and download the manifest file from the "Manage Manifest" menu.

  2. Search for oauth2AllowImplicitFlow and change the value to true:

    "oauth2AllowImplicitFlow": true,

  3. Upload the file again through the same menu.

Log out and log in again to your app and it will work like a charm.


It can also be configured via the Azure AD portal:

  • From the application page, click on Authentication, and under Advanced Settings, select the checkboxes next to Access tokens and ID tokens to enable OAuth2 implicit grant for the application.

More info about the OAuth2 Implicit flow (link):

The implicit grant type is used for mobile apps and web applications (i.e. applications that run in a web browser), where the client secret confidentiality is not guaranteed...

Answered by alaasdk, Oct 17 '22 (74 likes)
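The mismatch the answer above fixes can be checked mechanically: the authorize request that adal.js builds carries a `response_type`, and the downloaded manifest carries `oauth2AllowImplicitFlow`; AADSTS70005 is what you get when the first asks for an implicit-grant response type that the second does not allow. The following is an added example, not code from the answer or from the ADAL JS project. The manifest and authorize URL are constructed samples, the client id is a placeholder, and the function names (`checkImplicitFlow`, `enableImplicitFlow`) are hypothetical.

```javascript
// Added example (not from the original answer or from adal.js): diagnose the
// AADSTS70005 mismatch between the response_type in an authorize request and
// the oauth2AllowImplicitFlow setting in the application manifest.

// Response types that are only issued by the implicit grant. "token" is the
// one adal.js uses for renewToken; "id_token" is the other implicit type the
// portal's "ID tokens" checkbox refers to.
const IMPLICIT_RESPONSE_TYPES = new Set(['token', 'id_token']);

// Parse the response_type parameter out of an authorize URL and return the
// individual response types requested (OAuth 2.0 allows a space-separated
// list such as "id_token token"; URLSearchParams decodes %20 and '+' to ' ').
function responseTypesFromAuthorizeUrl(authorizeUrl) {
  const url = new URL(authorizeUrl);
  const raw = url.searchParams.get('response_type') || '';
  return raw.split(/\s+/).filter(Boolean);
}

// Given the manifest text (as downloaded from "Manage Manifest") and the
// authorize URL, report whether the request can succeed and, if not, why.
function checkImplicitFlow(manifestJson, authorizeUrl) {
  const manifest = JSON.parse(manifestJson);
  const requested = responseTypesFromAuthorizeUrl(authorizeUrl);
  const implicitRequested = requested.filter((t) => IMPLICIT_RESPONSE_TYPES.has(t));

  if (implicitRequested.length === 0) {
    // e.g. response_type=code: the flag is irrelevant for this request.
    return { ok: true, reason: 'no implicit response type requested' };
  }
  if (manifest.oauth2AllowImplicitFlow === true) {
    return { ok: true, reason: 'oauth2AllowImplicitFlow is true' };
  }
  return {
    ok: false,
    reason: `response_type '${implicitRequested.join(' ')}' requires oauth2AllowImplicitFlow=true`,
  };
}

// Produce the corrected manifest text: flip only the implicit-flow flag and
// leave every other setting untouched, ready to upload through the same menu.
function enableImplicitFlow(manifestJson) {
  const manifest = JSON.parse(manifestJson);
  manifest.oauth2AllowImplicitFlow = true;
  return JSON.stringify(manifest, null, 2);
}

// Constructed sample manifest; appId is a placeholder, not a real client id.
const SAMPLE_MANIFEST = JSON.stringify({
  appId: '00000000-0000-0000-0000-000000000000',
  displayName: 'sample-webApp',
  oauth2AllowImplicitFlow: false,
  replyUrls: ['https://localhost/webapp'],
});

// Constructed authorize URL in the shape adal.js produces for renewToken.
const SAMPLE_AUTHORIZE_URL =
  'https://login.microsoftonline.com/common/oauth2/authorize' +
  '?response_type=token&client_id=00000000-0000-0000-0000-000000000000' +
  '&resource=https%3A%2F%2Fexample.invalid%2FwebApi' +
  '&redirect_uri=https%3A%2F%2Flocalhost%2Fwebapp';

// Before the fix: ok=false with the reason; after the fix: ok=true.
console.log(checkImplicitFlow(SAMPLE_MANIFEST, SAMPLE_AUTHORIZE_URL));
console.log(checkImplicitFlow(enableImplicitFlow(SAMPLE_MANIFEST), SAMPLE_AUTHORIZE_URL));
```

Running the block prints the failing diagnosis for the sample manifest and the passing one after `enableImplicitFlow`. Because the implicit grant hands the access token back in the redirect URL fragment, which is why the quoted definition ties it to clients that cannot keep a secret, the flag is worth setting deliberately per application rather than turning on everywhere, and a check like this one makes it obvious which app and which response type actually need it.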


Recreating my webApp fixed the issue. I'm still investigating the root cause with MS. The manifests for the two apps aren't different except for their AAD Client IDs.

UPDATE

See my comments for the resolution.

Answered by serg.salo, Oct 17 '22 (25 likes)