Error during id_token_hint token validation


I get an error while verifying the id_token_hint signature (I followed this B2C sample):

Message: Key not found in metadata. Reason: 'No key set found in metadata'

My technical profile:

<TechnicalProfile Id="IdTokenHint_ExtractClaims">
  <DisplayName>My ID Token Hint TechnicalProfile</DisplayName>
  <Protocol Name="None" />
  <Metadata>
    <Item Key="METADATA">https://someapp.azurewebsites.net/api/.well-known/openid-configuration</Item>
  </Metadata>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="email" />
  </OutputClaims>
</TechnicalProfile>

My endpoints expose the public key information needed to verify the signature of the id_token_hint:

https://someapp.azurewebsites.net/api/.well-known/openid-configuration
https://someapp.azurewebsites.net/api/.well-known/keys

[screenshot: openid-configuration response]

[screenshot: keys response]

My id_token_hint:

[screenshot: decoded id_token_hint]

What is the source of this error, and how do I fix it? Thanks.

Update: I changed my metadata JSON to use a "camelCase" naming policy; this fixed the described issue.

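The lookup that fails with "No key set found in metadata" is the chain a verifier such as Azure AD B2C has to walk before it can check the signature: fetch the discovery document named in METADATA, read its jwks_uri, fetch the JWKS, and pick the key whose kid matches the token header. The script below walks that chain and shows where it breaks when the two documents are serialised with PascalCase member names instead of the lowercase names the specs define. It is an added example, not code from the question or from the B2C sample it links; the host, documents, fetcher and token are constructed stand-ins so it runs offline, and signature verification itself is left out so no crypto library is needed.

```python
"""Walk the metadata chain for an id_token_hint:
discovery document -> jwks_uri -> JWKS -> key selected by the token's kid.

Added example, not code from the question or the B2C sample. URLs, documents
and the fetcher are constructed stand-ins; signature checking is omitted.
"""
import base64
import json


class MetadataError(Exception):
    """The metadata chain could not be followed to a usable signing key."""


def b64url_decode(text: str) -> bytes:
    raw = text.encode("ascii")
    return base64.urlsafe_b64decode(raw + b"=" * (-len(raw) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def jws_header(token: str) -> dict:
    """Parse only the protected header of a compact JWS; nothing is verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise MetadataError("token is not a three-part compact JWS")
    return json.loads(b64url_decode(parts[0]))


def resolve_signing_key(token: str, metadata_url: str, fetch) -> dict:
    """Return the JWK that should verify `token`, or raise MetadataError.

    fetch(url) returns the body of a JSON document. Member names are matched
    case-sensitively: JSON (RFC 8259), OIDC Discovery ("jwks_uri") and JWK
    (RFC 7517: "keys", "kid", "kty", "use") all define them that way, so a
    document that says "JwksUri" or "Keys" contains no key set at all.
    """
    header = jws_header(token)
    discovery = json.loads(fetch(metadata_url))
    jwks_uri = discovery.get("jwks_uri")
    if not isinstance(jwks_uri, str):
        raise MetadataError("No key set found in metadata: no 'jwks_uri' in discovery document")
    jwks = json.loads(fetch(jwks_uri))
    keys = jwks.get("keys")
    if not isinstance(keys, list) or not keys:
        raise MetadataError("No key set found in metadata: no 'keys' array at jwks_uri")
    kid = header.get("kid")
    matches = [k for k in keys if isinstance(k, dict) and k.get("kid") == kid]
    if not matches:
        raise MetadataError(f"no key with kid {kid!r} in key set")
    key = matches[0]
    if key.get("kty") != "RSA" or key.get("use", "sig") != "sig":
        raise MetadataError("matched key is not an RSA signing key")
    if "alg" in key and key["alg"] != header.get("alg"):
        raise MetadataError("token alg does not match the key's alg")
    return key


# Constructed sample documents; the host is made up, not the question's app.
METADATA_URL = "https://issuer.example/api/.well-known/openid-configuration"
KEYS_URL = "https://issuer.example/api/.well-known/keys"
# "n" is a placeholder, not a real modulus; this example never decodes it.
RSA_JWK = {"kty": "RSA", "use": "sig", "alg": "RS256", "kid": "k1", "n": "AQ", "e": "AQAB"}

GOOD_DOCS = {
    METADATA_URL: json.dumps({"issuer": "https://issuer.example", "jwks_uri": KEYS_URL}),
    KEYS_URL: json.dumps({"keys": [RSA_JWK]}),
}
# Same content with PascalCase member names, the shape a serializer emits when
# it uses .NET property names verbatim instead of a naming policy or explicit
# JSON property names.
PASCAL_DISCOVERY_DOCS = {
    METADATA_URL: json.dumps({"Issuer": "https://issuer.example", "JwksUri": KEYS_URL}),
    KEYS_URL: GOOD_DOCS[KEYS_URL],
}
PASCAL_KEYS_DOCS = {
    METADATA_URL: GOOD_DOCS[METADATA_URL],
    KEYS_URL: json.dumps({"Keys": [RSA_JWK]}),
}


def make_fetcher(docs: dict):
    """Offline stand-in for an HTTPS GET of the metadata endpoints."""
    def fetch(url: str) -> str:
        if url not in docs:
            raise MetadataError(f"metadata endpoint not reachable: {url}")
        return docs[url]
    return fetch


# Token whose header names the key above; the signature part is filler
# because this example stops at key selection.
SAMPLE_TOKEN = ".".join([
    b64url_encode(json.dumps({"alg": "RS256", "typ": "JWT", "kid": "k1"}).encode()),
    b64url_encode(json.dumps({"email": "user@example.com"}).encode()),
    b64url_encode(b"\x00" * 32),
])


def describe_lookup(docs: dict) -> tuple:
    """(True, kid) when the chain resolves, (False, reason) when it breaks."""
    try:
        return True, resolve_signing_key(SAMPLE_TOKEN, METADATA_URL, make_fetcher(docs))["kid"]
    except MetadataError as exc:
        return False, str(exc)


if __name__ == "__main__":
    for name, docs in [("lowercase", GOOD_DOCS), ("PascalCase discovery", PASCAL_DISCOVERY_DOCS),
                       ("PascalCase keys", PASCAL_KEYS_DOCS)]:
        print(f"{name}: {describe_lookup(docs)}")
```

Running it prints (True, 'k1') for the lowercase documents and a "No key set found in metadata" reason for each PascalCase variant. One caveat when relying on a camelCase naming policy, as the question's update does: it only lowercases single-word names such as Keys, Kid, Kty, N and E; a multi-word property such as JwksUri would become "jwksUri", not the "jwks_uri" that OIDC Discovery defines, so that member still needs an explicit JSON property name.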

1 answer

rbrayb:

"The link to the sign-in policy contains the email address, which is encapsulated inside a JWT token (id_token_hint). When a user clicks on that link, Azure AD B2C validates the JWT token signature, reads the information from the token, extracts the email address and issues an access token back to the application".

Your id_token_hint doesn't contain email?