Azure AD B2C: Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long. After login
I know a similar question is already asked earlier at stack overflow but it didn't worked for me. Kindly read the entire question before answering/commenting.
I have implemented AD B2C in two web application all were working fine till last week. Now all of a sudden we are getting
Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long.
when the user tries to login into the website. Since my website requires every user to be logged in, it has blocked us completely.
My web app are also not working in incognito/inprivate window. Browser: Chrome, Firefox and Edge
When I open the application in chrome(not incognito) after deleting all the history I can see there are around 160+ cookies from the the web app url.
Yes too much cookies seems to be killing my webapp, but its happening even after deleting all the history of browser and in private browsing too.
Even I have reduced the claims attribute to 3 suspecting that more claims attributes might be increasing the header size.
I have tried this too but in vain.
Bottom Line: Deleting cookies and reducing claims both are not working for us and we are blocked. Thanks in advance.
I got this fixed after raising a ticket with Microsoft Support team.
Cause: There is a well-known issue with Owin Middle ware where it doesn’t set the authentication cookie and we end up being in a login loop. I was using an older version of OWIN.
Resolution: OWIN Version 3.1.0.0 has integrated the fix in terms of a cookie manager.
NOTE: In-spite of using the fix, we can run into issues if we have custom SESSIONSTATE handler being used in the application. In STARTUP.AUTH.CS, we will need to make the following changes
Old:
app.UseCookieAuthentication(new CookieAuthenticationOptions{});
New:
app.UseCookieAuthentication(new CookieAuthenticationOptions {
AuthenticationType = "Cookies",
CookieManager = new Microsoft.Owin.Host.SystemWeb.SystemWebChunkingCookieManager()
});
Below is the question discussing the same:
Hope this helps other.
Happy Coding.
- Unable to get all users from Microsoft Graph using Python SDK
- You need to ensure that WebApp1 uses the ASP.NET v4.7 runtime stack
- MS Graph API - How to query additional pages
- how to hash users into random values in azure databricks
- How can I manage Azure SQL user/login/credentials
- How to connect secrets value stored in Azure key vault to Azure app service env variables directly
- AVD Insights Host Performance Blade Empty after vhange to new Azure Monitoring Agent
- How to get a list of users from azure graph API
- Azure App Service Flask Deployment Error: "Failed to Respond to HTTP Pings on Port 8000; Site Start Failed. Check Container Logs for Debugging."
- Azure Function App - No continuous deployment setting for "Flex Consumption" hosting plan?
- Az-GetRoleAssigments Not returning Data for DisplayName, SignInName & Object Type - Azure Powershell Runbook
- Can you publish a new standalone Angular project (esproj) directly from VS2022 to Azure?
- Cors configuration
- Publish error: Found multiple publish output files with the same relative path
- remove event subscriptions from system topics
- node-fetch azure document translator
- Is it possible to use .env in a React Web project?
- Sign in to Azure Account from VS Code
- How to copy blobs from azure to aws using python?
- AKV10032: Invalid issuer error when connecting to Azure Key Vault from App Service
- how to mask hash users into random values [email protected] in azure databricks
- Can we use PostgREST API with Azure
- Bicep adding DNS Records saying already exists when it doesn't
- Issue in sending personal message in MS Teams with Graph API
- import files to databricks workspace
- Create an Api connection to log analytics workspace via bicep
- az funcapp publish .net8 Isolated breaking Azure configuration runtime settings on Sync
- Is there a way to get more than 1000 Packages and versions from Azure DEVOPs Feed RESTAPI for GET Packages?
- how to insert json into cosmos db collection using c#
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?