This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 63%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWZ%3C/text%3E%3C/svg%3E)
I came along with so many questions and answers but could not understand or find solution as my case is bit different. I am using Azure with openIdconnect for Active directory authentication (ASP.Net framework 4.6.1)
it has been years it was working fine but a day before yesterday this error occurred for only about 1 hour. error was occurring when trying to do AD authentication.
Exception Message: IDX20803: Unable to obtain configuration from: '[PII is hidden]'.
Inner Exception: System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 400 (Bad Request).StackTrace: System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden]'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 400 (Bad Request).
during this local authentication and remaining whole application was working fine. After 1 hour this issue was automatically resolved. same happened yesterday. issue occurred for 1 hour and resolved automatically.
Other solution are suggesting to modify IdentityModelEventSource.ShowPII = true; But I dont think so it requires code modification.
Please guide what can be reason that this happens for only short time.
Note: this is happening on only one server all applications on other servers are working fine
Thanks in advance
Hello @Waqas Zaheer , usually this is being caused by a malformed Open IDC metadata document URL. IdentityModelEventSource.ShowPII is pretty useful for that purpose. Alternatively, you can Collect a network trace with Fiddler and find the mal formed call.
Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.
Thank you @Alfredo Revilla - Upwork Top Talent | IAM SWE SWA I applied two things one is as you said IdentityModelEventSource.ShowPII = true
and other System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
and it worked
That's great! Let me know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.
Thank you!