I am creating an Angular 7 application. we have used angular-oauth2-oidc to connect to Azure AD and authenticate. Azure AD set as OPENID for authentication. From the team managing Azure AD we have got one secert key also. As i am new to this i am not able figure out where this need to used. Searching online also didnt get much help.
When i publish this code and open application its gets redirected, but after signing in in micosoft site itself it throws below error
AADSTS50146: This application is required to be configured with an application-specific signing key.
Can anyone help on this.
Below is the sample of code we are using in app.component.ts
export const authConfig: AuthConfig = {
issuer: 'https://sts.windows.net/<tanend id>/',
redirectUri: window.location.origin + '/',
logoutUrl: 'https://login.microsoftonline.com/<tanend id>/oauth2/logout',
clientId: '<cliend id>',
strictDiscoveryDocumentValidation: false,
responseType: 'id_token',
scope: 'openid profile email',
waitForTokenInMsec: 2000,
oidc: true
};
private async ConfigAuth(): Promise<void> {
this.oauthService.configure(authConfig);
this.oauthService.setStorage(sessionStorage);
this.oauthService.tokenValidationHandler = new JwksValidationHandler();
this.oauthService.requireHttps = true;
}
constructor(private oauthService: OAuthService) { }
async ngOnInit(){
await this.ConfigAuth();
if (!this.oauthService.getAccessToken()) {
this.oauthService.loadDiscoveryDocument().then((doc) => {
this.oauthService.tryLogin()
.catch(err => {
console.error(err);
})
.then(() => {
// this.router.navigate(['/'])
if (!this.oauthService.hasValidAccessToken()) {
this.oauthService.initImplicitFlow()
}
});
});
}
console.log(this.oauthService.getAccessToken());
}
this was fixed by making change in AD side (done be seperate team, dont have much details) Also modified code with help of below link https://damienbod.com/2018/01/23/using-the-dotnet-angular-template-with-azure-ad-oidc-implict-flow/