Bearer token authentication is not permitted for non TLS protected endpoints (MS Graph) C#

Mike860 1 Reputation point
2022-06-13T18:14:50.637+00:00

Hello,

I am having trouble pulling a user’s photo from MS Graph. In my app, I have configured ASP.NET Core Identity to use Microsoft as an external login / registration choice. Locally, it pulls the picture fine, which leads me to believe it has something to do with IIS or some other underlying technology in the server environment.

When I try to register the user in production, I get the following error:

----------

Error loading external login information (Graph). System.InvalidOperationException: Bearer token authentication is not permitted for non TLS protected (https) endpoints.
   at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory1 pipeline, Boolean async)
   at Azure.Core.Pipeline.TaskExtensions.EnsureCompleted(ValueTask task)
   at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.RedirectPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory1 pipeline, Boolean async)
   at Azure.Core.Pipeline.TaskExtensions.EnsureCompleted(ValueTask task)
   at Azure.Core.Pipeline.RedirectPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory1 pipeline, Boolean async)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory1 pipeline, Boolean async)
   at Azure.Core.Pipeline.TaskExtensions.EnsureCompleted(ValueTask task)
   at Azure.Core.Pipeline.RetryPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline)
   at Azure.Core.Pipeline.HttpPipeline.Send(HttpMessage message, CancellationToken cancellationToken)
   at Azure.Core.Pipeline.HttpPipeline.SendRequest(Request request, CancellationToken cancellationToken)
   at Azure.Security.KeyVault.KeyVaultPipeline.SendRequest(Request request, CancellationToken cancellationToken)
   at Azure.Security.KeyVault.KeyVaultPipeline.SendRequestTResult
   at Azure.Security.KeyVault.Certificates.CertificateClient.GetCertificate(String certificateName, CancellationToken cancellationToken)
   at OfficialBlogProject.Helpers.Helper.GetCertificateAsync(CertificateClient certificateClient, SecretClient secretClient, String certificateName)
   at OfficialBlogProject.Helpers.Helper.LoadCertificate(IConfiguration config, String certificateName)
   at OfficialBlogProject.Services.BasicExternalLoginService.GetMicrosoftGraphPhotoAsync(String token)
   at OfficialBlogProject.Areas.Identity.Pages.Account.ExternalLoginModel.OnGetCallbackAsync(String returnUrl, String remoteError).

----------

My first thought was that enabling TLS 1.2 for IIS 10 might fix the issue, but it has not. I enabled HSTS settings and HTTPS redirect in IIS and the code. I am not sure where to look in terms of a solution for this. I would appreciate any help. If you need additional information, please let me know. I will be happy to provide it. Thanks to all who reply.

Regards,

Mike
