This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 52%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E2%3C/text%3E%3C/svg%3E)
My Azure AD B2C application has suddenly stopped authenticating requests due to "IDX40001: Issuer: 'https://<tenant>.b2clogin.com/<tenantId>/v2.0/', does not match any of the valid issuers provided for this application"
Looking at other similar forums posted on Microsoft, I have tried the following already:
"https://<tenant>.b2clogin.com/"I am using the following azure configurations in app settings:
"AzureAdB2C": {
"TenantId": <tenantId>",
"AuthorizationUrl": "https://<tenant>.b2clogin.com/<tenant>onmicrosoft.com/B2C_1_SignUpSignIn/oauth2/v2.0/authorize",
"TokenUrl": "https://<tenant>b2clogin.com/<tenant>onmicrosoft.com/B2C_1_SignUpSignIn/oauth2/v2.0/token",
"Instance": "https://<tenant>.b2clogin.com",
"Domain": "<tenant>.onmicrosoft.com",
"ClientId": "<back-end client id>",
"SignUpSignInPolicyId": "B2C_1_SignUpSignIn",
"ApiScopes": {
"Read": "https://<tenant>.onmicrosoft.com/<appId>/read"
},
"Swagger": {
"ClientId": "<secondary client Id to call apis from swagger>",
"ClientSecret": "<client secret>"
}
To enable authentication with swagger I am adding the following code to my program.cs:
app.UseSwaggerUI(c =>
{
var secretsManager = app.Services.GetService<ISecretsManager>();
c.DocumentTitle = "API";
c.DocExpansion(Swashbuckle.AspNetCore.SwaggerUI.DocExpansion.None);
c.OAuthClientId(builder.Configuration.GetSection("AzureAdB2C:Swagger:ClientId").Value ?? string.Empty);
c.SwaggerEndpoint("/swagger/v1/swagger.json", "api 1.0.0");
c.OAuthClientSecret(secretsManager?.GetSecret("AzureAdB2C:Swagger:ClientSecret") ?? string.Empty);
c.OAuthUseBasicAuthenticationWithAccessCodeGrant();
});
Also using the following method to configure swagger for implicit oauth flow:
private static void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
{
services.AddSwaggerGen(c =>
{
string[] methodsOrder = ["get", "post", "put", "patch", "delete", "options", "trace"];
var baseDirectory = AppDomain.CurrentDomain.BaseDirectory;
var commentsFileName = Assembly.GetExecutingAssembly().GetName().Name + ".XML";
var commentsFile = Path.Combine(baseDirectory, commentsFileName);
var scopes = configuration.GetSection("AzureAdB2C:ApiScopes").Get<Dictionary<string, string>>() ?? [];
var scopesDictionary = new Dictionary<string, string>();
foreach (var s in scopes)
{
scopesDictionary[s.Value] = s.Key;
}
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "api",
Version = "1.0.0",
Description = "Documentation for REST APIs"
});
c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows()
{
Implicit = new OpenApiOAuthFlow()
{
AuthorizationUrl = new Uri(configuration.GetSection("AzureAdB2C:AuthorizationUrl").Value ?? string.Empty),
TokenUrl = new Uri(configuration.GetSection("AzureAdB2C:TokenUrl").Value ?? string.Empty),
Scopes = scopesDictionary
}
}
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement()
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "oauth2"
},
Scheme = "oauth2",
Name = "oauth2",
In = ParameterLocation.Header
},
new List<string>()
}
});
c.EnableAnnotations();
c.OrderActionsBy(apiDesc => $"{apiDesc.ActionDescriptor.RouteValues["controller"]}_{Array.IndexOf(methodsOrder, apiDesc.HttpMethod?.ToLower())}");
//c.IncludeXmlComments(commentsFile);
//use fully qualified object names
c.CustomSchemaIds(x => x.FullName);
c.UseInlineDefinitionsForEnums();
});
}
When I run my app and make a request from swagger I get the following error:
www-authenticate: Bearer error="invalid_token",error_description="The issuer '(null)' is invalid"
In the console:
IDX40001: Issuer: 'https://<tenant>.b2clogin.com/<tenantId>/v2.0/', does not match any of the valid issuers provided for this application
This was all working fine until a few days ago and it has stopped working even though the configuration above has not changed.
Any tips or suggestions at this point is greatly appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
26375912
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 19%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Please use Microsoft.Identity.Web 2.17.0 and read this article: https://github.com/AzureAD/microsoft-identity-web/wiki/Deploying-Web-apps-to-App-services-as-Linux-containers