ASP.NET Core tokenAcquisition.GetAccessTokenForUserAsync() is generating an access token on localhost but not on the server.

Abhay 0 Reputation points
2023-10-25T05:57:26.78+00:00

I am trying to get a token for the user with the Client ID and Client Secret provided. In my ASP.NET Core Startup.cs, the code is as below:

  services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
  .AddMicrosoftIdentityWebApp(Configuration, "AzureAD")
  .EnableTokenAcquisitionToCallDownstreamApi(new string[] { "user.read" })
  .AddInMemoryTokenCaches();         


And my class file has this code:

  var clientId = Configuration.GetSection("AzureAD:ClientId").Value;
  var scope = new[] { clientId + "/.default" };
  var accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scope);

On my localhost everything works fine and accessToken has a value. But when I deploy it to Azure App Service, accessToken is an empty string.

Please help: what can be wrong here?


2 answers

  1. brtrach-MSFT 15,866 Reputation points Microsoft Employee
    2023-10-25T23:20:49.3933333+00:00

    @Abhay It seems that the issue you're experiencing is related to the configuration of your Azure App Service. To troubleshoot this issue, there are a few things you can check:

    First, make sure that your App Service is properly configured to use Azure AD authentication. You can do this by going to the Azure portal, selecting your App Service, and then going to the "Authentication / Authorization" section. Ensure that the "App Service Authentication" is turned on and that the "Action to take when request is not authenticated" is set to "Log in with Azure Active Directory".

    Next, check if the App Service has the correct environment variables set up. You can do this by going to the Azure portal, selecting your App Service, and then going to the "Configuration" section. Ensure that the "AzureAD:ClientId" and "AzureAD:ClientSecret" environment variables are set up correctly.

    Also, check if the App Service is running on the correct environment. You can do this by going to the Azure portal, selecting your App Service, and then going to the "Configuration" section. Ensure that the "ASPNETCORE_ENVIRONMENT" environment variable is set up correctly.

    Additionally, check if the App Service is using the correct version of the .NET Core runtime. You can do this by going to the Azure portal, selecting your App Service, and then going to the "Configuration" section. Ensure that the "ASPNETCORE_RUNTIME_VERSION" environment variable is set up correctly.

    If none of the above steps work, you can try enabling diagnostic logging for your App Service and checking the logs to see if there are any errors related to authentication.


  2. Bruce (SqlWork.com) 61,731 Reputation points
    2023-10-26T19:57:31.2566667+00:00

    With an Azure App Service, which is a web farm, you need to use a distributed cache or enable session affinity.
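
One way to act on the distributed-cache suggestion in answer 2, as an added example that is not part of the original thread or Microsoft's own code: the question's Startup with `AddInMemoryTokenCaches()` replaced by a shared, encrypted token cache. Redis as the backing store, the `Redis` connection-string name and the `TokenCache_` prefix are assumptions.

```csharp
// Added example (not from the thread). Needs the Microsoft.Identity.Web and
// Microsoft.Extensions.Caching.StackExchangeRedis packages.
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.TokenCacheProviders.Distributed;

public class Startup
{
    public Startup(IConfiguration configuration) => Configuration = configuration;
    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
            .AddMicrosoftIdentityWebApp(Configuration, "AzureAD")
            .EnableTokenAcquisitionToCallDownstreamApi(new string[] { "user.read" })
            // Was AddInMemoryTokenCaches(): each App Service instance then keeps its
            // own cache, so a request routed to another instance finds no token.
            .AddDistributedTokenCaches();

        // Backing store for IDistributedCache. Redis is an assumption here;
        // AddDistributedSqlServerCache would fill the same role.
        services.AddStackExchangeRedisCache(options =>
        {
            // "Redis" is a hypothetical connection-string name. Keep its value in
            // App Service configuration or Key Vault, not in source control.
            options.Configuration = Configuration.GetConnectionString("Redis");
            options.InstanceName = "TokenCache_"; // constructed key prefix
        });

        // Access and refresh tokens now live outside the process, so encrypt
        // cache entries with ASP.NET Core Data Protection.
        services.Configure<MsalDistributedTokenCacheAdapterOptions>(o => o.Encrypt = true);

        services.AddControllersWithViews();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
    }
}
```

With `Encrypt` enabled, all instances must share the same Data Protection key ring, otherwise an entry written by one instance cannot be read by another.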