You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ideally WithTenantIdFromAuthority should handle the ADFS case and do the same thing as WithAuthority(AuthorityHost.AbsoluteUri, tenantId) does.
The text was updated successfully, but these errors were encountered:
christothes
changed the title
AbstractAcquireTokenParameterBuilder<T>.WithAdfsAuthority throws with a null TenantId when the authority host RUI ends in /adfs
AbstractAcquireTokenParameterBuilder<T>.WithAdfsAuthority throws with a null TenantId when the authority host Uri ends in /adfsJul 24, 2024
What is the actual value of the uri in WithTenantIdFromAuthority(uri) ? Someting like https://somehost.com/adfs/
How do you create the application object? Do you set WithAuthority(adfsAuthority) ? Or do you leave it as is?
If you leave it as is, the default is the AAD authority https://login.microsoftonline.com/common. Request can alter the tenant only, but not the host.
If you set the authority in the CCA/PCA object as https://somehost.com/adfs/ and then the same on the request, then I agree this is a bug and we can fix it.
If you leave it as is, the default is the AAD authority https://login.microsoftonline.com/common. Request can alter the tenant only, but not the host. If you set the authority in the CCA/PCA object as https://somehost.com/adfs/ and then the same on the request, then I agree this is a bug and we can fix it.
Yes, that is effectively what we are doing in the code linked above.
Here ^^ the authority is set to https://somehost.com/adfs/ ?
No - there it would be set only to https://somehost.com/. It is when the token is requested that we build up the tenantId using WithTenantIdFromAuthority
Azure.Identity recently changed from calling the deprecated:
to this:
When
adfs
is passed as the tenantId,WithTenantIdFromAuthority
throws because tenantId is null.I looked at the MSAL code and this is the reason we end up with a null TenantId
This creates an AdfsAuthority which hard codes null as the TenantId
Ideally
WithTenantIdFromAuthority
should handle the ADFS case and do the same thing asWithAuthority(AuthorityHost.AbsoluteUri, tenantId)
does.The text was updated successfully, but these errors were encountered: