9

I have configured Azure AD multi-tenant authentication by following this article: https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-multi-tenant-custom?tabs=applications

The authentication worked on Friday last week, but now it's suddenly failing. I tried to re-register the application in Azure AD with a new App Id and a new App secret, which were added on both ends.

Error I'm getting:

Sorry, but we’re having trouble with signing you in. AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.

Am I overlooking something obvious?

Authentication is used with a SPA Web App using React with react-aad-msal

Frode

1 Answer

25

Solution: Changing the platform configuration from SPA to Web solved it.

Frode
  • 1
    How to change? – Kenneth Sunday Jun 09 '20 at 07:02
  • 1
    Check your manifest in your Azure Active Directory Application, and look for replyUrlsWithType. Try changing the login callback type from SPA to Web. – Olof84 Sep 24 '20 at 12:05
  • "replyUrlsWithType": [ { "url": "https://.b2clogin.com/.onmicrosoft.com/oauth2/authresp", "type": "Web" }, Find it here: tenant > App Registrations > Choose your registered App > Manifest blade on left. – IdusOrtus Jan 17 '21 at 18:26
  • 1
    But changing to web requires the client secret to be passed as well? – span Feb 01 '21 at 19:42
  • 2
    @span That seems to be the case. Missing client secret is the error I get after switching from SPA to Web, i.e. AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret' – norgie Apr 22 '22 at 11:20
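
The two errors quoted in this thread, tied to the `replyUrlsWithType` entry type, as an added example that is not part of the original posts or Microsoft's code. It is a simplified model, and it assumes that B2C redeems the code at `/oauth2/authresp` with a client secret and no `code_verifier`; the manifest, the `contoso` tenant name and all function names are constructed.

```javascript
// Added example: a simplified model of the two checks quoted on this page,
// not Azure AD's actual validation logic.

// Constructed manifest fragment; "contoso" is a placeholder tenant name.
const sampleManifest = {
  replyUrlsWithType: [
    { url: "https://contoso.b2clogin.com/contoso.onmicrosoft.com/oauth2/authresp", type: "Spa" },
    { url: "http://localhost:3000", type: "Spa" },
  ],
};

// Predict the outcome of redeeming an authorization code issued to redirectUri.
// `request` holds the token-request parameters the redeeming party sends.
function predictRedemption(manifest, redirectUri, request) {
  const entry = (manifest.replyUrlsWithType || []).find((r) => r.url === redirectUri);
  if (!entry) return "unregistered redirect URI";
  if (entry.type === "Spa" && !request.code_verifier) {
    return "AADSTS9002325"; // PKCE required for a Spa-typed reply URL
  }
  if (entry.type === "Web" && !(request.client_secret || request.client_assertion)) {
    return "AADSTS7000218"; // confidential client must authenticate
  }
  return "ok";
}

// List reply URLs typed "Spa" that point at a B2C /oauth2/authresp endpoint,
// i.e. a callback where B2C (not the browser) redeems the code.
function findSpaTypedB2cCallbacks(manifest) {
  return (manifest.replyUrlsWithType || [])
    .filter((r) => {
      const u = new URL(r.url);
      return r.type === "Spa" &&
        u.hostname.endsWith(".b2clogin.com") &&
        u.pathname.endsWith("/oauth2/authresp");
    })
    .map((r) => r.url);
}

// Return a copy of the manifest with the flagged entries switched to "Web".
function retypeToWeb(manifest) {
  const flagged = new Set(findSpaTypedB2cCallbacks(manifest));
  return {
    ...manifest,
    replyUrlsWithType: manifest.replyUrlsWithType.map((r) =>
      flagged.has(r.url) ? { ...r, type: "Web" } : r),
  };
}
```

Only the B2C callback is retyped; the SPA's own redirect URI stays `Spa`, so the browser client keeps using PKCE while the secret stays in B2C's policy keys.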