This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 51%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Hi All,
In our application when User is redirected to Sign Up page (https://signin.***.com/***.onmicrosoft.com/{sign_up_policy_name}/), user has choice to Sign In if he already is a Sign User, for this we have a hyperlink with following url pattern : (https://signin.***.com/***.onmicrosoft.com/{sign_in_policy_name}/). When user clicks from on this links he is redirected to sign in page. But user is not able to sign in properly and we are getting following error with error code:
com.microsoft.aad.msal4j.MsalInteractionRequiredException: AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : {sign_up_policy_name} and Expected Value : {sign_in_policy_name}
Could you please help and give guidance on how to resolve the issue. Can we switch from https://signin.***.com/***.onmicrosoft.com/{sign_up_policy_name}/ url to https://signin.***.com/***.onmicrosoft.com/{sign_in_policy_name}/ url?
Hi @Rohit Karmarkar • Thank you for reaching out.
Looks like it is trying to do a silent authentication in the context of the sign-up policy. The hyperlink that you have for the sign-in policy must invoke MSAL to trigger a new request to invoke the sign-in policy. You can include the prompt=login parameter in the URL of the sign-in policy to force interactive authentication.
I tested it out by creating a custom HTML page for the Sign-Up policy which includes a link to go back to the Sign-in policy and it works without any issue.
https://amsinstor.blob.core.windows.net/temp/unified.html (View page source: )
See this in action:
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hi @AmanpreetSingh-MSFT ,
I am only able to access this page: https://amsinstor.blob.core.windows.net/temp/unified.html
Could you please share url of custom/test page from where we can signin.
Could you please also let me know if it is a good practice to switching the policies dynamically for example sign_up to sign_in or sign_in to sign_up. Should we redirect users back to our application and then re-initiate the request, rather than dynamically switching policy.
@Rohit Karmarkar • I have updated the link in step 1 of my answer above. It is recommended to reinitiate the request, dynamically switching policy may lead to unexpected behavior or HTTP 400 - bad request.
@Rohit Karmarkar • Just checking if this answers your question. Feel free to tag me in your reply if you have any questions.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 31%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
We have a similar situation, in our case, we have an android app and we are using azure ad b2c for authentication.
We have a requirement to be able to redirect the user to the sign-up page with a click of a button and once the user creates the account using the sign-up page continue the journey i.e complete the registration process by calling APIs protected by Azure AD B2C, in-order to do that when we try to acquire the token silently we get the error as below.
AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1A_MigratePassword_signup_signin and Expected Value : B2C_1A_MigratePassword_signup
We do not want the user to be prompted to enter the credentials again to finish the registration process.
any help in this regard is highly appreciated. if you need more information please let me know.