The provided application is not configured to allow the 'OAuth' Implicit flow
Something is missing from this doc page.
I'm getting the following error when I try to Sign Up/In:
Error. An error occurred while processing your request. Request ID: 00-20069ea3b2c75ed9cff1ff0668d45940-f2f6457a8e70d472-00
Details Message contains error: 'unauthorized_client', error_description: 'AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow. Correlation ID: f925a418-dc36-4ecf-b1d3-ab0b5ef0a363 Timestamp: 2022-08-14 15:59:47Z ', error_uri: 'error_uri is null'.
© 2018 - WebApp_OpenIDConnect_DotNet
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 714f2c6b-3bc4-9e14-7f0a-7b56d52ac1fa
- Version Independent ID: 7a00b7d7-f46b-1aa3-f2ea-7fd0bcee3f95
- Content: Configure authentication in a sample web application by using Azure Active Directory B2C
- Content Source: articles/active-directory-b2c/configure-authentication-sample-web-app.md
- Service: active-directory
- Sub-service: b2c
- GitHub Login: @kengaderdus
- Microsoft Alias: kengaderdus
@spacecat Thanks for the feedback. We are investigating the issue and will update you shortly.
Hi @spacecat ,
Please see the screenshot. Kindly enable access tokens and ID tokens to allow for OAuth.
@spacecat ,
We are going to close this thread as resolved but if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.
The documentation hasn't been updated for this: it still says you only need ID tokens checked.
Before you do that though, as far as I can tell, the recommendation for web applications is to use Authorization Code flow rather than Implicit flow (see here). The text in your screenshot under "Implicit grant and hybrid flows" even says that only ID tokens should be checked for .NET Core web apps.
I've tried adding the following code to use Authorization Code flow:
```csharp
services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
    // Request an authorization code instead of tokens from the authorize endpoint
    options.ResponseType = OpenIdConnectResponseType.Code;
    options.Scope.Add(options.ClientId);
});
```
This has let me log in successfully; however, after login, if I try to redirect to a policy, e.g.
```csharp
return Challenge(new AuthenticationProperties
{
    RedirectUri = redirectUri,
    // Items is a dictionary, so the entry needs key/value braces
    Items = { { "policy", "b2c_1a_changepassword" } }
});
```
then it fails with the same error:
AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow
It would be nice if this piece of documentation (and others like it relating to web apps) gave more details about how to set up Authorization Code flow, given it's the recommended approach, especially considering it's not used when integrating using AddMicrosoftIdentityWebApp(), as most samples show.
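Added example, not part of the thread and not Microsoft's code: a diagnostic for AADB2C90057 that takes the authorize URL the app actually redirected to (copied from the browser's network tab) and reports which flow its `response_type` selects, for which policy, and which "Implicit grant and hybrid flows" checkboxes that request depends on. The tenant `contoso`, the client ID and the policy names in the sample URLs are constructed; the checkbox mapping follows the portal labels quoted in the thread and is an assumption.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed mapping: response_type value -> portal checkbox it depends on.
CHECKBOX = {"id_token": "ID tokens", "token": "Access tokens"}
KNOWN = {"code", "id_token", "token"}


def classify_authorize_request(url: str) -> dict:
    """Classify an Azure AD B2C authorization request by its response_type."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    values = params.get("response_type", [])
    if len(values) != 1:
        raise ValueError("expected exactly one response_type parameter")
    # response_type is a space-delimited, order-insensitive set of values.
    types = set(values[0].split())
    if not types or types - KNOWN:
        raise ValueError(f"unsupported response_type: {values[0]!r}")

    if types == {"code"}:
        flow = "authorization_code"   # tokens come from the token endpoint only
    elif "code" in types:
        flow = "hybrid"               # code plus token(s) from the authorize endpoint
    else:
        flow = "implicit"             # tokens straight from the authorize endpoint

    # B2C carries the policy either as ?p=<policy> or as the path segment
    # immediately before /oauth2/.
    segs = [s for s in parts.path.split("/") if s]
    policy = params.get("p", [None])[0]
    if policy is None and "oauth2" in segs and segs.index("oauth2") >= 2:
        policy = segs[segs.index("oauth2") - 1]

    requires = sorted(CHECKBOX[t] for t in types if t in CHECKBOX)
    return {"flow": flow, "policy": policy, "requires": requires}


if __name__ == "__main__":
    # Constructed sample URLs (placeholder tenant and client ID).
    base = "https://contoso.b2clogin.com/contoso.onmicrosoft.com"
    cid = "client_id=00000000-0000-0000-0000-000000000000"
    for u in (
        f"{base}/b2c_1_susi/oauth2/v2.0/authorize?{cid}&response_type=code",
        f"{base}/b2c_1a_changepassword/oauth2/v2.0/authorize?{cid}&response_type=id_token",
    ):
        print(classify_authorize_request(u))
```

Comparing the result for the sign-in request with the result for the policy challenge shows whether both requests really use `response_type=code` or whether one of them still asks the authorize endpoint for tokens.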