Hey! Great demo! I actually working on this topic and have one issue that i can't solve. When i request implicit (scenario 2) everything is working fine, i get the bearer token and it is added Headers. But when i request authorization_core popup shows, i log in, but bearer token in not added to the headers. I've test it on two different APIM, 2 different AAD B2C and i'm stuck. Do you maybe know where there might be a problem? Here to look?
I actually had the same problem. But sometimes implicit would work while authorization_code doesn't, and for other APIs it was the reverse. I didn't troubleshoot it because it wasn't my focus at the time. That would need a look into the logs in order to find out why that happens. Also, try a new app registration with a single redirect_uri (the auth code redirect uri), and try to use that new app registration instead. My guess is that there could be something wrong with having multiple redirect uris. And don't forget to republish after updating the settings. Unfortunately I don't have that testing environment anymore so I cannot dig deeper.
@@ZoomSpeaksTech It validated jwt token in weatherforecast with postman with localhost but when i uploaded the same weatherforecast app in azure and replaced the azure web app url with localhost it give 401 unauthorized error
Hi bro , i have a question , why we have not specified redirect uri for backend api in app registration , how token end point gonna recognize where to pass the token if redirect uri is not there for backend api? You have put client id in backen api code that looks good but is that enough?
I did later on here: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-JTKpunPpYi8.htmlm47s and here: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-JTKpunPpYi8.htmlm55s Depending on the scenario you set the proper redirect uri. Client Credentials workflow however does not need a redirect url, as it is just a request/response to the token endpoint.
@@ZoomSpeaksTech yup bro you have the redirect uri for APIM app ,but i have seen articles as well where no one is putting redirect uri for API , everyone one puttinh redirect uri for APIM