authorize AzureAD access_token in .net 6 webapi getting invalid token signature

srinivas kolagani 1 Reputation point
2022-12-04T15:51:41.907+00:00

I have added my angular application into azureAD and trying to get access_token and passing that token to webapi but getting unauthorized error. I have tried multiple ways. I am just accessing basic weatherforecast controller with authorize attribute

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)  
    .AddJwtBearer(options =>  
    {  
        options.Authority = "https://login.microsoftonline.com/{tenant-id}";  
        options.Audience = "api://{client-id}";  
    });  

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)  
  .AddMicrosoftIdentityWebApi(options =>  
  {  
      builder.Configuration.Bind("AzureAd", options);  
      options.Events = new JwtBearerEvents();  



   

}, options => { builder.Configuration.Bind("AzureAd", options); });

266912-demo.png

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Bruce (SqlWork.com) 28,036 Reputation points
    2022-12-04T17:22:41.713+00:00

    In ad, under the application add api permissions

    https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis

    Be sure to include the scope defined with the permissions defined above in the angular msal login.