Entra Id - App only access: How can the authenticated application be identified if the claims returned give no indication of the used client ID?

Raus, Gereon (DI IT DEMA ALM 3) 0 Reputation points
2023-11-23T08:31:23.2733333+00:00

Dear community,

after struggling for a week, I was able to successfully set up app-only access (https://learn.microsoft.com/en-us/entra/identity-platform/app-only-access-primer) for our project. My problem now is that I can create multiple client secrets to authenticate different app clients, but the claims returned do not return the corresponding client ID of the client secret used, making it impossible for me to properly authorize the clients. What do I need to do to get Entra to return the used client secret/ID?

Many thanks in advance

Gereon!

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Shweta Mathur 29,531 Reputation points Microsoft Employee
    2023-11-23T10:52:42.07+00:00

    Hi @Raus, Gereon (DI IT DEMA ALM 3) ,

    Thanks for reaching out.

    You can find the client ID in the claims as "appid" in the access token issued by Entra ID. The appid represents the application ID of the client using the token.

    appidacr indicates the authentication method of the client. When you use the client ID and client secret, the value is 1.

    Hope this will help.

    Thanks,

    Shweta


    Please remember to "Accept Answer" if the answer helped you.
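
The claim lookup described in the answer, as an added example that is not part of the original thread: it reads the calling client from `appid`/`appidacr` and maps it to a role. It goes beyond the answer by also accepting `azp`/`azpacr`, the names v2.0 access tokens use for the same claims. The allowlist GUIDs, the role names, the helper names and the unsigned sample token are constructed for illustration, and the claims passed to `authorize` are assumed to come from a token whose signature, issuer, audience and expiry were already validated.

```python
import base64
import json

# Hypothetical allowlist: client (application) ID -> role granted by this API.
ALLOWED_CLIENTS = {
    "11111111-1111-1111-1111-111111111111": "reader",
    "22222222-2222-2222-2222-222222222222": "writer",
}

def decode_payload(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying it (inspection only).
    A real API must validate the token before trusting any claim."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def identify_client(claims: dict) -> tuple:
    """Return (client_id, auth_method) from the token claims.
    v1.0 tokens carry appid/appidacr, v2.0 tokens carry azp/azpacr."""
    client_id = claims.get("appid") or claims.get("azp")
    acr = claims.get("appidacr") or claims.get("azpacr")
    if client_id is None or acr is None:
        raise ValueError("token carries no client identity claims")
    return client_id, str(acr)

def authorize(claims: dict):
    """Return the role of an allowlisted, authenticated client, else None."""
    client_id, acr = identify_client(claims)
    # "1" = client ID + secret, "2" = client certificate, "0" = public client.
    if acr not in ("1", "2"):
        return None
    return ALLOWED_CLIENTS.get(client_id)

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."

if __name__ == "__main__":
    sample = make_sample_token({
        "appid": "11111111-1111-1111-1111-111111111111",
        "appidacr": "1",
    })
    claims = decode_payload(sample)
    print(identify_client(claims), authorize(claims))
```

All client secrets created on one app registration produce the same `appid`, so the claim distinguishes app registrations, not individual secrets.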