AcquireTokenSilentAsync: result.AccessToken == null on my own B2C about active-directory-b2c-dotnetcore-webapp HOT 8 CLOSED

@NikolaosWakem , can you share details on what the issue was. I'd like to see if there's anything we can update to prevent people from running into the same issue.

from active-directory-b2c-dotnetcore-webapp.

Thanks for you help in tracking this dow

I've wasted at least 30-40 hours finding this out the hard way over the last 3 weeks so let's fix it or thoroughly document it. Scope must be vanity name, authority must not be vanity names for access tokens to work

from active-directory-b2c-dotnetcore-webapp.

Quick update - finally managed to get this to work after removing and re-adding my application from Azure B2C and then making sure my scopes were configured correctly. It does not appear to work without specifically defining custom scopes - the default user_impersonation scope alone will not provide an access token.

from active-directory-b2c-dotnetcore-webapp.

@NikolaosWakem I'm seeing exactly the same issue. My configuration is correct (as it is documented), and I don't believe this is related to the reply url - it appears to be related to scopes, but I'm not sure what the solution is right now, and the Azure portal doesn't give the option of adding access related token scopes either.

from active-directory-b2c-dotnetcore-webapp.

@NikolaosWakem This sample works fine for me. Suggest you capture request using Fiddler and find out what's wrong.
@garethrampton Yes, the code is not matching the readme guideline. You need to register another web api application, and define scope, then grant api access to the web app application. All these steps can be done on portal. Suggest you follow steps in this article.

from active-directory-b2c-dotnetcore-webapp.

@NikolaosWakem is using a tenant that has an additional domain name (mydomain.com) connected to the Azure AD B2C tenant (mydomain.onmicrosoft.com). Using mydomain.com as the tenant name in the request URL causes our service to prevent returning access_tokens (although id_tokens are returned just fine)

from active-directory-b2c-dotnetcore-webapp.

I still can't get this to work. I never receive an Access token although I receive an Id token fine.
@allenhula I followed the steps in the linked article which is how I'd had things set up anyway.

Anyone have any pointers on how to get this working - or can provide a sample configuration?

The other thing I see - is when auth'ing directly via my web app the auth process works as expected (minus the ability to get an access token), but if I try using any variation of the "run now" link from the Azure portal I get a remote failure with the error that the message.state is null or empty.

from active-directory-b2c-dotnetcore-webapp.

@garethrampton can you elaborate more on the "any variation of the run now link". Also, can you share the correlation ID when you hit the failure?

from active-directory-b2c-dotnetcore-webapp.