SreenivasReddy-0562 asked ThusharaManchanayake-9846 answered

AzureADB2C apple id authentication not working

I have created an ADB2C custom policy as per the docs recommendation

https://objects.githubusercontent.com/github-production-repository-file-5c1aeb/44556479/3789016?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220420T173319Z&X-Amz-Expires=300&X-Amz-Signature=b72d9b43f8cc34d7b49669873620f0328c41741c4b9ac807c4a23fb8d26c811d&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=44556479&response-content-disposition=attachment%3Bfilename%3DAzure.AD.B2C.-.Sign.in.with.Apple.Custom.Policy.Doc.pdf&response-content-type=application%2Fpdf

But I'm getting this error

We encountered an 'invalid_client' error connecting to the identity provider. Please try again later

azure-ad-b2c

@SreenivasReddy-0562,
I'd want to check in and see if you had any other questions or if you were able to resolve this issue? If you have any other questions, please let us know. Thank you for your time and patience throughout this issue.

sikumars answered ThusharaManchanayake-9846 commented

Hello @SreenivasReddy-0562,

Thanks for reaching out and apologies for the delayed response.

I was unable to open the URL you mentioned. However, based on your query, I believe you are trying to add Apple IDP to Azure AD B2C but get an 'invalid client' error while connecting.

To better assist you in this scenario, I would recommend that you set up and collect Azure Active Directory B2C logs with Application Insights and share the detailed error message along with the correlation ID and timestamp. Also, if possible, could you please share the link that you are referring to again?

I'd like to share some similar threads for your reference just to make sure we have everything set up correctly.

Detailed guidance:
https://github.com/azure-ad-b2c/samples/tree/master/policies/sign-in-with-apple
https://docs.microsoft.com/azure/active-directory-b2c/identity-provider-apple-id?pivots=b2c-user-flow

Troubleshooting guidance:
https://fluffy.es/how-to-solve-invalid_client-error-in-sign-in-with-apple/
https://docs.microsoft.com/en-us/answers/questions/288097/azure-ad-b2c-apple-sign-in-not-working-with-azure.html
https://docs.microsoft.com/en-us/answers/questions/744674/index.html

Hope this helps.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

ThusharaManchanayake-9846 answered ThusharaManchanayake-9846 edited

Hi,

I am also getting the same error, but we are using User Flow policies and not custom policies. Authentication with Apple ID was working fine. After one year or so, we have started getting this error. This is the error thrown by the Angular MSAL package.


ServerError: AADB2C90289: We encountered an 'invalid_client' error connecting to the identity provider. Please try again later.
Correlation ID: f9ffe568-0e1d-4255-b7d0-621ecfb8f0dc
Timestamp: 2022-05-12 14:14:53Z
    at ServerError.AuthError as constructor
    at new ServerError (http://localhost:4200/vendor.js:37830:28)
    at MsalService.push.ZES5.UserAgentApplication.saveTokenFromHash (http://localhost:4200/vendor.js:51445:25)
    at MsalService.push.ZES5.UserAgentApplication.processCallBack (http://localhost:4200/vendor.js:50920:29)
    at MsalService.push.ZES5.UserAgentApplication.handleRedirectAuthenticationResponse (http://localhost:4200/vendor.js:51030:14)
    at new UserAgentApplication (http://localhost:4200/vendor.js:50029:22)
    at new MsalService (http://localhost:4200/vendor.js:33743:9)
    at Object.MsalService_Factory as factory
    at R3Injector.hydrate (http://localhost:4200/vendor.js:67966:35)
    at R3Injector.get (http://localhost:4200/vendor.js:67788:33)

Do you have any idea why we have started getting this error?


Thanks in advance...
