Azure B2C在我的本地机器上工作,但在Azure上不起作用
我创建了一个调用Web API(.NET)并使用Azure AD B2C进行身份验证的大型应用程序。这在我本地的机器上正常工作。我可以通过登录屏幕进行身份验证,并调用相关端点。一旦我将应用程序部署到Azure,我会在浏览器上获得此错误: 信息:microsoft.aspnetcore.authorization.defaultauthorizationservice [2] 授权失败。这些要求没有得到满足: 拒绝义义授权:需要经过身份验证的用户 无法加载资源:服务器以401(未授权)的状态响应
在Glazor(ui)端,我已经设置了此设置:
"AzureAd": {
"Authority": "https://CarehomeRoomBookingTest.b2clogin.com/CarehomeRoomBookingTest.onmicrosoft.com/B2C_1_SignUpIn",
"ClientId": "77##############################",
"ClientSecret": "99#########################",
"ValidateAuthority": false
}
在Web API端,我已经设置了此设置:
"AzureAdB2C": {
"Instance": "https://CarehomeRoomBookingTest.b2clogin.com",
"ClientId": "16#############################",
"Domain": "CarehomeRoomBookingTest.onmicrosoft.com",
"SignedOutCallbackPath": "/signout/B2C_1_susi_reset_v2",
"SignUpSignInPolicyId": "B2C_1_SignUpIn",
"TenantId": "38#############################"
}
为什么会当应用程序在Azure上部署和托管时,这会发生吗?
I have created a Blazor application that calls a Web API(.Net) and uses Azure AD B2C for authentication. This works fine on my local machine. I can authenticate via the login screen and call the relevant endpoint. Once I deploy the application to Azure I get this error on the browser:
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user
Failed to load resource: the server responded with a status of 401 (Unauthorized)
On the Blazor(UI) side I have this set up:
"AzureAd": {
"Authority": "https://CarehomeRoomBookingTest.b2clogin.com/CarehomeRoomBookingTest.onmicrosoft.com/B2C_1_SignUpIn",
"ClientId": "77##############################",
"ClientSecret": "99#########################",
"ValidateAuthority": false
}
On the Web API side I have this set up:
"AzureAdB2C": {
"Instance": "https://CarehomeRoomBookingTest.b2clogin.com",
"ClientId": "16#############################",
"Domain": "CarehomeRoomBookingTest.onmicrosoft.com",
"SignedOutCallbackPath": "/signout/B2C_1_susi_reset_v2",
"SignUpSignInPolicyId": "B2C_1_SignUpIn",
"TenantId": "38#############################"
}
Why would this be happening when the application is deployed and hosted on Azure?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
请检查您是否有以下情况:
1。请参阅前端应用需要使用的API范围是否正确。这样,它将获得用于API的访问令牌。注册
通过暴露API的API应用程序注册范围
部分并使用前端应用中的范围。
和授予管理员同意:
您的范围将在这种方式中出现
确保在代码中的Auth中将其后端API暴露的范围包括
委派权限是问题。请参阅
get-401-unauthorized-enauthorized-error-eror-stackoverflow
Please check if any of below is your case:
1.See if scope for your API that Your front-end app needs to use is correct. This way it will get an access token which is meant for your API. Register a
scope for your API app registration through the Expose an API
section and use the scope in your front-end app.
and grant admin consent :
Your scopes will be present this way
Please make sure to include the scopes exposed in the portal for your backend api in the auth in your code
delegated permissions is the issue .See
getting-401-unauthorized-error-StackOverflow