Blazor Server webapp issue using Microsoft Identity Platform for authentication

Stefano Milanesi 21 Reputation points
2024-01-24T16:30:34.6566667+00:00

Hello everyone, I developed a web application with Blazor server that uses Microsoft Identity Platform for user authentication. I created the project by following the step-by-step instructions in this article: https://learn.microsoft.com/it-it/entra/identity-platform/tutorial-blazor-server The project was created correctly, in Azure portal in the "Entra ID" service I find the application created and configured correctly with the same information/data reported in the Visual Studio 2022 project configuration file (appsettings.json). By choosing the "https" profile and running the exact same application on two different development machines, one works correctly in the other (the one from which I created the project) I continue to receive the following error: MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'XXX'. Trace ID: YYY Correlation ID: ZZZ Timestamp: 2024-01-24 14:50:54Z I confirm that the key used ("ClientSecret") is correct and It is the same for both applications on the two development machines. Any ideas on this? Thank you Stefano

Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,321 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,690 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Bruce (SqlWork.com) 52,591 Reputation points
    2024-01-24T21:26:33.9766667+00:00

    the error is pretty clear, the secret value is not valid for the specified clientid. how are you storing and retrieving the secret? the sample uses the default dev secrets storage and is not shared between machines.


  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  3. Alfredo Revilla (MSFT) 26,756 Reputation points
    2024-01-31T05:35:31.5566667+00:00

    Hello @Stefano Milanesi , as suggested by @Bruce (SqlWork.com) , the AADSTS7000215 error is due to an invalid cliente secret. To ensure the right secret is used by your application, switch to App Service app settings. They are more secure and will override any file based setting. For how to, take a look at Configure app settings.

    Also, considering not storing secrets, specially production grade, in the file system or in clear form since its not secure.

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.

    0 comments No comments