jwt.ms cannot handle query parameter exceeds 2048 characters / Why AAD B2C Authorization Code is longer than 2000 characters?

Bandhit Suksiri 21 Reputation points
2023-04-20T13:28:29.9+00:00

Related to https://github.com/Azure/api-management-developer-portal/issues/2160. Recently, I discovered that the Authorization Code returned from Azure AD B2C is longer than expected when compared to Azure AD. I also discovered that jwt.ms returns an error when the query string exceeds 2,048 characters. User's image

Questions:

  1. Is there a reason why the AAD B2C Authorization Code is longer than 2,000 characters?
  2. If it must be longer than 2,000 characters, I believe we may discovered a bug on jwt.ms because it cannot handle query string exceeds 2,048 characters. Supplement
  • Azure AD B2C: more than 2,400 characters.
eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMCIsInppcCI6IkRlZmxhdGUiLCJzZXIiOiIxLjAifQ..YMkkMiroq3rfMQdx.xXntiWZq-hz0mDlZZdm4x4fhE_HwwbI2-NY6U3fAt1hvSbdgtTpyk0XEC-fGFhWpKU54E3j-tIx-e03mj0Bkkc52DGDaFi7H9XtTIKlk_SdfW52C9SXwYXyvSsa4wRXS-L_L6JqubdLBIw1Ud-1MgXv2hHacTSEYBb_jvBWBbADb4Uvolt6HZ4QZinYVBvMQFa_dn_Y6LDlpa6pHXeWyrVCHZQtn5KHycI6Oxfm1pp7yWrLeH9DKbyv-LnqwDiCrvQYtM1XY6G6bDOMbh88OI0AkhsysWqBxgYHmaYlN0579YD-DOmqSBrd4VjgZ7qzIFD4Yeb6OPDG3-2VbuS0UYg2uki7BIltTgJSsRuuRzWtk3F4FKvD6DE3l00CcFRy6SnH9jzytHM2iku-4deNrkXUTbSRZuFGhJapdU_feTiLGr1qCgiQ6a2LyQ91yrwE48D39ERWv5Q8Dk2gP0S8eALhKEs29AaisahoeCf7kV9gvtuu_fbtgLVUlVGWmIjGkKEz8SmtZFlUZFm20jsh30gZkTM-SM49wxpmoEgvsLP4dIG6ozAsC8c0jD8fC5hXQ5DOMmCUBokrsicA0QwhpGvDY1DNn6c6gr23gXYElKA1NTWszxpCyi5k7ibDsd1nTYkXEJxssZteQk6raSs3gQRfs1i2PLeCIEHEbeP8Q3PoPP9ZaKGYRYKyYfub_tdIgBITElA0EdzHtrnIdgjDncfNjAeTEIzWXxeFuj6wpYTZxjPR2bTXkXYMdKZkB5F3dcvUSeY4OlaViLBJNjygYMBm2npf_c61qVashYkYgA7sO3hApfR_kT1fldqXRM3NDgO1c72dfxMxTZf6d7xhJ42-UKuxtTpUfyxruwcsgErqCtFmUhX-8jx4NJXU0IVgfNZ_fu8_Kcr98LA5EP7agMY7951zpwDDiZTvGiCLaSNGeOEM2QOJ9flOnfLf8a3eVkyRE8xuQSIu5Z1wRykK78HOFWvedtuQVFgqMUwjZBMC_OAmpZYofSDBi6cEhWSotTw8UmPXLwjq2PC9cAmwxNXDv9r-5uOjisMJPM02dwtVZ0aZ1F81vSdaeXXDckziFws5-rFCBzgagOFENpXzajJND_AIDoKMojgGhK-kGX4zeaR3joHMoGccIUXin-hXTWQU6B3ra1ryyBE-22X-eccjyQSi9n8XQ_VHFYzZNVIwLANkak4AZQAbyvT0HiSlW5SmBstu2ORtqb2UcPM6F6SekqQcq23US9H5fuZWb87YeB05K4Rl2GAlse2eInlaPbz47fN8r8t3wtJiBkUwgPH9-x_ZND_lqopQW2D6KjWf6owEOmo-LOzkDfreU8bQftGebIRU-WkXJ8HtiNKtlWnjzROEQgtTHVxUp5MEyxcBHMRLETlWnsbpwYQO20xBXxjmUIKam5cUOjV0sk26Rpw_79RHzxkN5t0Ui5poDaEnyda3ds3PcAFsG9z7ioeL1z_G2c9itYVJh2kSaUsd1K3yUxy8K_OljOdAqTMY4Bdc0K7hBX0kzxOZ30_17uo9hS0T98Yb5l_3LVTMPDs9hVEMAm3N5Cc_cl0QQS3sgW_n87-9tRfsCUx_rDzBH8EchgOZ_lCY3L1H4VsxvjSFpyha8T0E5EIr3SJTNdqNsy4g-SemjKcrWOMF0lyc3BvIlDy1Foqtmz1JC0k3xQqSSQUyqNM06tGlLQqelxejXbg28BMMmCNsOLdHDT8WHDa3MzBa9SYhl_iS8Arv0Z0v4uF5OBPsAw1V2mx1YpPyQ5URGV75LiaIi5dDifDLdCPs51l0uMkVkdBm6aWO_kzioP08hH0KqQBwnHq9WTTjUkpeDA-d19QdGUo3LD4z5XC8PIj7_KfXUcXb6_14P61GkyjHzSfBarQc5XLBTKfUDFrmWB503IXOrXWnlrqMeDXq1sPB067BX1M599y2fYZpAWi_vzTr_Lx6H8hmx8z30qf18O-Gy6unPv3ojRa3RLrCz4E0iyE1Z9v1NoVxPc-pI2eeJILum8ILARfyFyz5dK1envOo29dn6Kk22q49IZc1SXF-2S2JKyHtqk6e3hYMP5pdJnwBkBJPdiv4wM6aO8ztFd0qOPA8AZVrQzXh4RXavD65AMLqfq7vcmlsOeqanF1yZjqS8wYq3HGBEW2Zul6ntUVIoumVQa0pOActyPrZWEBOqmkZuoCNlau1H5SFcmgRIKxD7Q6e4JWoe100gO2Q1VLad8syXZb1X2RnM88Qe4YCRQD0N2zuXqH9tJWhrnlj9gDeAC9aU7cSO.kTpoJDfKaJnnOUCyAVa72g
  • Azure AD: around 1,000 characters
0.AT4ATsw-bHcgdk2sCnwU3uWblKt3a57vRcBIk998Bp7lmDs_AMA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P9_RzrmPsJwODgCw4g7kFFgYR2ezs8148Ksb5mYZBakwsI34LP9Q4XuwumCQrkwLNGRCSzyQO0-4bBilARLwu6MTUFruXz7_tT1VTXRfEOKGi77Uo2zUgACBsEZNY5pJmfo7JDij2mDt9vMQbG6Qpd35cIHu9oy9PcYULVJyjghtrWw54KFTetb9ZW6HKMGxGr9__3hUUnTHYFTAL9hE7joX5Lqqyqu-ftepyQ3-7w6aPsJAh2VLA6JrRtWj14TU7z0PJFFPmCWtiXhbTfWEk0VfLaxtRk76KvRCCNth72Jd3-zQusziKugbseKd9RIj4w50jRBMPI7JAeDb3ZHvfrkqdMqr_41api7iyD7NIohBnY6omKudnf3DB9Wd0j2xxfDISwO06udkGsYQBQ7Ui88sO8sW4ZtPE34zz1-CzdlRU-p0Gp1y0Yk-AjOhlBHOKSUyRS7Bfwc4ys4f8HlxJvMCAlHyqdUbiRfg2hl4DwLLQHlZuuVACa7_OXUmoKtApRqabXIhW7RV6xqrs4KV2D-pQfe0uvmrfsTuZEjMV2UT6-iECKtT-obRBfXRofPqXyuakwxVMuCXNuv2tambWH81EO-WFYJePrW9T1g2r1vsyaIQrlGSJ5PTF6T70R6oKaUEjwlafGvcGLnaaBJugXQgWWjth9RDXuKcRJWOUWtIwSWPuDbVROhGxHd6oltLrJJFQTjwkYhP7RMOSfwn0WsiF9PJlcP4EQ_lYiMRirmE8kobe_wW4DJqwnecVKHD8Y2QVWHjKYb3ZYe0I4rYxK0SEilDqVyjvqHqP9a9jCMKJZzKhBVBYJy8w3DrpqJpBlnNEG88JOjUAMiEhvc9VjvAr34DAujyuG8PBRpz_Crgg4s
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,684 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,908 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more