AADSTS50146: This application is required to be configured with an application-specific signing key


I am creating an Angular 7 application. we have used angular-oauth2-oidc to connect to Azure AD and authenticate. Azure AD set as OPENID for authentication.
From the team managing Azure AD we have got one secert key also. As i am new to this i am not able figure out where this need to used. Searching online also didnt get much help.

When i publish this code and open application its gets redirected, but after signing in in micosoft site itself it throws below error

AADSTS50146: This application is required to be configured with an
application-specific signing key.

Can anyone help on this.

Below is the sample of code we are using in app.component.ts

export const authConfig: AuthConfig = {
  issuer: 'https://sts.windows.net/<tanend id>/',
  redirectUri: window.location.origin + '/',
  logoutUrl: 'https://login.microsoftonline.com/<tanend id>/oauth2/logout',
  clientId: '<cliend id>',
  strictDiscoveryDocumentValidation: false,
  responseType: 'id_token',
  scope: 'openid profile email',
  waitForTokenInMsec: 2000,
  oidc: true

private async ConfigAuth(): Promise<void> {
    this.oauthService.tokenValidationHandler = new JwksValidationHandler();
    this.oauthService.requireHttps = true;


  constructor(private oauthService: OAuthService) {  }

  async ngOnInit(){
    await this.ConfigAuth();

    if (!this.oauthService.getAccessToken()) {
      this.oauthService.loadDiscoveryDocument().then((doc) => {
          .catch(err => {
          .then(() => {
           // this.router.navigate(['/'])
            if (!this.oauthService.hasValidAccessToken()) {


this was fixed by making change in AD side (done be seperate team, dont have much details)
Also modified code with help of below link

Answered By – Hari Krishnan

Answer Checked By – Timothy Miller (AngularFixing Admin)

Leave a Reply

Your email address will not be published.