This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 21%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Hi
In my APP i have got an requirement to have GUEST and CUSTOMER Signup with different inputs.
When GUEST will signup they will not have to enter "loyalty_number"
When Customer will signup they must enter "loyalty_number".
For this I have created 2 seperate policies
In the appsettings.json we can mention only one single "SignUpSignInPolicyId" so I found that we can pass and overwrite the Policy name as follow.
var properties = new AuthenticationProperties
{ RedirectUri = redirect };
properties.Items[Constants.Policy] = "B2C_1A_SIGNUP_SIGNIN_GUEST";
return Challenge(properties, scheme);
Now everything is fine - When I click on GUEST or CUSTOMER - it opens the proper SignUP page, but when I try to SIGNIN or SIGNUP it is throse an exception.
Error.
An error occurred while processing your request.
Request ID: 00-7cc38632b8c2caa98aa1e1a3d1fa2312-8f8dfdb179e65bf3-00
Details
Message contains error: 'invalid_grant', error_description: 'AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1A_signup_signin and Expected Value : B2C_1A_signup_signin_guest Correlation ID: c87e0e0b-5e40-4862-a3c8-b5800738e5fb Timestamp: 2022-10-14 02:06:54Z ', error_uri: 'error_uri is null'.
Also when I checked it logins (when signin) or create the user (when signup) - but no claims are returned.
Please resolve my issue.
Thanks
Manish Pandit
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Manish Pandit ,
Thanks for reaching out.
This error is due to tokens which are retrieved for particular policy are not matching with that policy.
For different signup option, you need to pass Azure AD B2C policy Id for each action. The action passes a parameter named policy to authentication library which will allows you to provide the correct Azure AD B2C policy ID for the specific action.
public IActionResult SignUp_Customer([FromRoute] string scheme)
{
scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
var redirectUrl = Url.Content("~/");
var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
properties.Items["policy"] = "B2C_1A_SIGNUP_SIGNIN";
return Challenge(properties, scheme);
}
public IActionResult SignUp_Guest([FromRoute] string scheme)
{
scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
var redirectUrl = Url.Content("~/");
var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
properties.Items["policy"] = "B2C_1A_SIGNUP_SIGNIN_GUEST";
return Challenge(properties, scheme);
}
You need to make sure you to select the correct Account object in respect to the authority and use that against the matching SignUp B2C policy.
Hope this will help.
Thanks,
Shweta
------------------------------------
Please remember to "Accept Answer" if answer helped you.
Hi ,
Thanks for the reply.
I updated the code and ran the application. When I click on Signin_guest it opens up the proper Signup page. But When I click on Sign Up button after entering details it still throwing the same error.
Error.
An error occurred while processing your request.
Request ID: 00-7cc38632b8c2caa98aa1e1a3d1fa2312-8f8dfdb179e65bf3-00
Details
Message contains error: 'invalid_grant', error_description: 'AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1A_signup_signin and Expected Value : B2C_1A_signup_signin_guest Correlation ID: c87e0e0b-5e40-4862-a3c8-b5800738e5fb Timestamp: 2022-10-14 02:06:54Z ', error_uri: 'error_uri is null'.
No matter what , it is still referring to the signupsigninPolicyID mention in the appsettings.json.
Hi
Can you also please let me know in detail the following?
You need to make sure you to select the correct Account object .
Thanks
You need to select the correct Account object in your MSAL cache in respect to the authority and use that against the matching B2C policy in your acquireTokenSilent() call.
You can access accounts in your msal instance with instance.getAllAccounts(), it appears to append any new account object each time you make a loginRedirect invocation. You may need to select the correct account in the array when you pass in the account object to acquireTokenSilent
const accounts = instance.getAllAccounts();
const account = accounts[index];
const authResult = await instance.acquireTokenSilent({
scopes: config.authentication.scopes,
account: account
});
Thanks,
Shweta