Application insights for token endpoint

A3434342 41 Reputation points
2021-06-14T21:44:13.6+00:00

I am performing auth code flow calls by doing the following steps:

  1. The authorize call is like this: https://my-tenant.b2clogin.com/my-tenant.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A__my_policy&client_id=my_client_id&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=my_client_id+offline_access&response_type=code&prompt=login&code_challenge=dolxXdAyFs6F5sppapYhjPMRewDjgQ_O2xuFO5L3Ulg&code_challenge_method=S256
  2. Using the code that gets returned from the /authorize call, I use it to call the /token endpoint like this:

curl --location --request POST 'https://my-tenant.b2clogin.com/my-tenant.onmicrosoft.com/B2C_1A__my_policy/oauth2/v2.0/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=<code_from_the_first_call>' \
--data-urlencode 'client_secret=<my_client_secret>' \
--data-urlencode 'code_verifier=RQRwqIm-9ZSgeIhdy_TnWbFkSepURvzoSusPuAZGZhae17dc'

On doing these two calls, I get this error:

{
"error": "invalid_grant",
"error_description": "AADB2C90085: The service has encountered an internal error. Please reauthenticate and try again.\r\nCorrelation ID: 2b58e1d8-c0b3-45ec-994d-b00e9990ec37\r\nTimestamp: 2021-06-14 21:43:22Z\r\n"
}

My question is where can I get more information about that correlation id? I have application insights setup, but that is for the policy flow. The logs for the token call do not show up there. Any guidance would be highly appreciated. Thanks

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,844 questions
0 comments No comments
{count} votes

Accepted answer
  1. JamesTran-MSFT 36,596 Reputation points Microsoft Employee
    2021-06-30T22:19:38.297+00:00

    @A3434342
    Thank you for your post and I apologize for the delayed response! When it comes to using the CorrelationID, you can try to search for it using Kusto, Azure PowerShell, or the Azure Portal within your Log Analytics workspace.

    Getting started with Kusto:

    #Sample query to just show correlationId  
    Logs  
    | where correlationId contains "2b58e1d8-c0b3-45ec-994d-b00e9990ec37"  
    

    Azure PowerShell:

    Get-AzLog -CorrelationId "2b58e1d8-c0b3-45ec-994d-b00e9990ec37"  
    

    Azure Portal:
    110785-image.png

    Additional Links:
    Error codes: Azure Active Directory B2C
    How to track Azure AD B2C errors using Correlation ID?

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.