AADSTS50146: This application is required to be configured with an application-specific signing key

Issue

I am creating an Angular 7 application. we have used angular-oauth2-oidc to connect to Azure AD and authenticate. Azure AD set as OPENID for authentication.
From the team managing Azure AD we have got one secert key also. As i am new to this i am not able figure out where this need to used. Searching online also didnt get much help.

When i publish this code and open application its gets redirected, but after signing in in micosoft site itself it throws below error

AADSTS50146: This application is required to be configured with an
application-specific signing key.

Can anyone help on this.

Below is the sample of code we are using in app.component.ts

export const authConfig: AuthConfig = {
  issuer: 'https://sts.windows.net/<tanend id>/',
  redirectUri: window.location.origin + '/',
  logoutUrl: 'https://login.microsoftonline.com/<tanend id>/oauth2/logout',
  clientId: '<cliend id>',
  strictDiscoveryDocumentValidation: false,
  responseType: 'id_token',
  scope: 'openid profile email',
  waitForTokenInMsec: 2000,
  oidc: true
};

private async ConfigAuth(): Promise<void> {
    this.oauthService.configure(authConfig);
    this.oauthService.setStorage(sessionStorage);
    this.oauthService.tokenValidationHandler = new JwksValidationHandler();
    this.oauthService.requireHttps = true;

  }

  constructor(private oauthService: OAuthService) {  }

  async ngOnInit(){
    await this.ConfigAuth();

    if (!this.oauthService.getAccessToken()) {
      this.oauthService.loadDiscoveryDocument().then((doc) => {
        this.oauthService.tryLogin()
          .catch(err => {
            console.error(err);
          })
          .then(() => {
           // this.router.navigate(['/'])
            if (!this.oauthService.hasValidAccessToken()) {
              this.oauthService.initImplicitFlow()
            }
          });
      });
    }
    console.log(this.oauthService.getAccessToken());
  }

Solution

this was fixed by making change in AD side (done be seperate team, dont have much details)
Also modified code with help of below link
https://damienbod.com/2018/01/23/using-the-dotnet-angular-template-with-azure-ad-oidc-implict-flow/

Answered By – Hari Krishnan

Answer Checked By – Timothy Miller (AngularFixing Admin)

Leave a Reply

Your email address will not be published.