Azure AD Client Secret is not a valid Base64 string

Question

I am building a Web API for which the plan is to do OAuth Authentication using Azure AD. The API code is using Microsoft's Owin library and Identity.Web to validate the token once received in HTTP Request header. The challenge is that when I generate client secret from Azure AD and provide that in Web API code to validate received token, there is an error - The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.

Have tried generate client secret multiple times but all trial has resulted in invalid base64 secret. Is there a way to generate base64 compatible client secret from Azure AD because MS Own library needs it that way? Can Azure AD be used for OAuth authentication?

Thanking all in advance.

Answer 1

The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.

The above error occurs that when your token is not a valid Base64 encoded string and also you should verify that the base64string length is a multiple of 4 and that it is valid.

In order to correct this, you may have to try to pad it and change - to + and to / as follows:

public static byte[] DecodeUrlBase64(string s)

{

s = s.Replace('-', '+').Replace('_', '/').PadRight(4*((s.Length+3)/4), '=');

return Convert.FromBase64String(s);

}

Your code required encodedbase64 format but token is decoded base64 this may cause the error so try the above code.

Reference:

c# - The input is not a valid Base-64 string as it contains a non-base 64 character - Stack Overflow