
Token returned by B2C is not decoded by JWT.MS

I'm following the tutorial at https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows. I created the signup/signin user flow and I just tried using it. I am choosing Google provider since I have it defined. I type in my country and display name, since I selected these parameters to be required. Then I'm redirected to my app's redirect URI, which is https://jwt.ms. The redirect is:

https://jwt.ms/?code=eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMCIsInppcCI6IkRlZmxhdGUiLCJzZXIiOiIxLjAifQ..Q45eRY9bXPGXqmqn.WFmA7ERvYw2gsZgAy8zjdBNsxp-fX828V0DMhwLfIw3XTk1cYiIXOaBT0uUkT8HA9mZfJJDBYodM_Ca3xt17lCqGoUHyS8pOtfZQ8pqfOTxdCL6-llVAQYKV9vHKPxWDXYhLxS9sDNTmVUGfALgxPeiZj8nZs9i7ZzFzYXtNyAIATrMSX-r4lGGMWxFgsNp-Vhk7PXZ2_8bgzXiFGLgPXCwVROD_WR7EEMSGTgN_ECbtsRz-ATriYS5s5tfzHhv1cT2f4ELB-OY84bl1nk5LOjSPBoDqXIX-K-pLb6lvXJ4WDFwjzNE7RDcNHlfnNeOivXoPPb4CmAdQvy3SpRJG6i00PgnuDryPOlUEubNoTloB4VPYM_l1n9ueilHugJbKG7B7HxTz5SFDI450dbrv0PSxG47tyC4o3RJ8KMxa4jT5mDEcI7szWQGpVJp_YMDq5yk47ZnDuZ5PnQYoxvzTPHEKVdi6CVsCslBdnxZk61Ep2pKbwa7zvFujS0E14srCOPCnVsE0NwUXx74c1a7H-mRqLCuH0Q0byplcEY1r8xS-ftvRDs1ahRCjxVIBrob9dJSy3bpRsi8wef1KB3wuhWJQMw.WNAXijIJxquWcAqzHeOJXA

The thing is, the JWT.MS does not decode it, I just see:

[screenshot]

I tried pasting my token into the box, but nothing happens. I also tried using JWT.IO with the same token. I get the information:

Invalid Signature

Why does B2C return to me an invalid token?

mnj asked May 17 '20 13:05



1 Answer

The thing was I did not enable implicit tokens in my app registration's Authentication blade.

mnj answered Nov 07 '22 16:11
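
A shape check for the values carried by a redirect like the one in the question, as an added example that is not part of the original post: a signed JWT in compact form has three dot-separated segments, while the `code` value above has five, with an empty second one. The header segment is copied from the question; the remaining sample segments, the `id_token` sample and all function names are constructed for illustration.

```python
import base64
import json
from urllib.parse import parse_qs, urlsplit

# Header segment copied from the question's redirect; iv/ciphertext/tag are constructed.
PAGE_HEADER = ("eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMCIs"
               "InppcCI6IkRlZmxhdGUiLCJzZXIiOiIxLjAifQ")
CODE_REDIRECT = "https://jwt.ms/?code=" + PAGE_HEADER + "..aXY.Y2lwaGVydGV4dA.dGFn"


def _seg(obj):
    """Encode a dict as an unpadded base64url JSON segment (sample construction only)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed three-segment sample delivered in the URL fragment; the signature is a dummy.
TOKEN_REDIRECT = "https://jwt.ms/#id_token=" + ".".join(
    [_seg({"alg": "RS256", "typ": "JWT"}), _seg({"sub": "constructed-user"}), "c2ln"])


def b64url_json(segment):
    """Base64url-decode one segment and parse it as JSON; None if that fails."""
    try:
        return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    except ValueError:  # covers binascii.Error, JSONDecodeError, UnicodeDecodeError
        return None


def classify(value):
    """Describe a value by its shape only; no signature or key is checked."""
    parts = value.split(".")
    header = b64url_json(parts[0]) if parts[0] else None
    if (len(parts) == 3 and isinstance(header, dict)
            and isinstance(b64url_json(parts[1]), dict)):
        kind = "three-segment JWT (readable claims, signature not checked)"
    elif len(parts) == 5:
        kind = "five-segment encrypted value (no readable claims)"
    else:
        kind = "opaque value"
    return {"segments": len(parts), "header": header, "kind": kind}


def inspect_redirect(url):
    """Classify code / id_token / access_token found in the query or the fragment."""
    split, found = urlsplit(url), {}
    for where, raw in (("query", split.query), ("fragment", split.fragment)):
        for name, values in parse_qs(raw).items():
            if name in ("code", "id_token", "access_token"):
                found[name] = dict(classify(values[0]), location=where)
    return found
```
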