Error occurred while attempting to decode the Jwt.The ID Token contains invalid claims

Question

I am adding oauth into an application(Java based) and I'm running into the following error:

[invalid_id_token] An error occurred while attempting to decode the Jwt: The ID Token contains invalid claims

I have followed all the steps to setup Azure AD and java project using the offical documentation: https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory I checked the validity of my token using Postman- it's working there.

I'm stuck since 2 days. Tried many things but nothing worked. Anyone please help

Answer 1

As your error : An error occurred while attempting to decode the Jwt: The ID Token contains invalid claims :- {aud ,it says invalid claim is aud i.e; audience value .

The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.

According to aud -Pay load claims in Microsoft identity platform ID tokens - Microsoft Entra | Microsoft Docs

Aud, Identifies the intended recipient of the token. In id_tokens, the audience is your app's Application ID i.e.; clientId, assigned to your app in the Azure portal. This value should be validated. The tokenis rejected if it fails to match your app's Application ID.

Also please make sure that server running your spring boot app has the correct time.