artmasa asked · FrankHuMSFT-3200 edited

Azure AD B2C with AAD SignIn user journey is expecting wrong issuer

I have set up the AAD Sign In within B2C following the instructions in this documentation article: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-aad-custom?tabs=applications

The process fails when AAD redirects to the response endpoint on B2C and is then redirected to https://jwt.ms with the following message: AADB2C90238:
The provided id_token does not contain a valid issuer. Valid issuer values: 'https://sts.windows.net/<aad-tenant-id>/<b2c-tenant-id>/'. Please provide another token and try again.

Of course this will fail because the token originating from AAD issuer will only be https://sts.windows.net/<aad-tenant-id>

Why is B2C expecting the B2C tenant ID as part of the issuer from AAD?

azure-active-directory azure-ad-b2c

Hey Artmasa, I see this is a duplicate question from https://social.msdn.microsoft.com/Forums/en-US/db46c12d-abc9-4bff-86da-9c24a00232dc/azure-ad-b2c-with-aad-signin-user-journey-is-expecting-wrong-issuer?forum=WindowsAzureAD

Were you able to check if the technical profile was set up properly? If you followed the instructions accordingly, this shouldn't be occurring.

0 Votes 0 ·

In addition to that, can you check if you have the validtokenissuerprefixes claim in your custom claims policy?

See here for more information on this claim: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom?tabs=applications#add-a-claims-provider

1 Vote 1 ·

Thank you. I had the wrong value for the prefixes.

1 Vote 1 ·

Hey Artmasa, could you respond to the comments in regards to this issue for further help?

Thanks,

0 Votes 0 ·
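
A diagnostic sketch for the AADB2C90238 error discussed in this thread, added here as an example and not part of the original posts or Microsoft's code: it decodes a token's `iss` claim without verifying the signature and checks it against a comma-separated prefix list like the one configured for ValidTokenIssuerPrefixes. The tenant IDs, the "corrected" prefix value, and the whole-path-segment matching rule are assumptions of this example, not B2C's documented behaviour.

```python
import base64
import json

# Constructed tenant IDs and issuer values, for illustration only.
AAD_TID = "11111111-1111-1111-1111-111111111111"
B2C_TID = "22222222-2222-2222-2222-222222222222"
BAD_PREFIXES = f"https://sts.windows.net/{AAD_TID}/{B2C_TID}/"  # shape from the error text
GOOD_PREFIXES = f"https://sts.windows.net/{AAD_TID}"            # assumed corrected value

def jwt_claims(token):
    """Decode a compact JWT's payload WITHOUT verifying it (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError("payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims

def check_issuer(token, prefixes_csv):
    """Report which configured prefix, if any, covers the token's iss claim."""
    iss = jwt_claims(token).get("iss")
    prefixes = [p.strip() for p in prefixes_csv.split(",") if p.strip()]
    matched = None
    if isinstance(iss, str):
        for p in prefixes:
            base = p.rstrip("/")
            # Whole-segment match (this example's rule): a truncated tenant ID never matches.
            if iss.rstrip("/") == base or iss.startswith(base + "/"):
                matched = p
                break
    return {"iss": iss, "matched": matched, "ok": matched is not None}

def sample_token(claims):
    """Build an unsigned, constructed token for the demo below."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    tok = sample_token({"iss": f"https://sts.windows.net/{AAD_TID}/"})
    print(check_issuer(tok, BAD_PREFIXES))   # no prefix covers the AAD issuer
    print(check_issuer(tok, GOOD_PREFIXES))  # the AAD tenant prefix covers it
```

Use it only to read the `iss` of a token you already hold while troubleshooting; it performs no signature or audience validation.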

1 Answer

FrankHuMSFT-3200 answered · FrankHuMSFT-3200 edited