Source:  Twitter logo

Hi I am developing web application in Angular 2. I have oauth authentication in webapi. I am using Angular 2 in front end. On login I am calling below code.

   private login() {
        this.oauthService.initImplicitFlow();
        this.oauthService.loginUrl = "https://login.microsoftonline.com/d35ba220-6896666-4acc-9899-dc75131c4fba/oauth2/authorize?resource=\"https://graph.windows.net/ \"& response_type=code";
        this.oauthService.redirectUri = "http://localhost:65298";
        this.oauthService.clientId = "<MY_CLIENT_ID>";
        this.oauthService.issuer = "https://login.microsoftonline.com/d35ba220-6749-4acc-578787-dc75131c4fba";
        this.oauthService.oidc = true;
        this.oauthService.setStorage(sessionStorage);
        this.oauthService.tryLogin({});
    }

I am getting below error.

http://localhost:65298/?error=unsupported_response_type&error_description=AADSTS70005%3a+
The+WS-Federation+sign-in+response+message+contains+an+unsupported+OAuth+parameter+value+in+the+encoded+wctx%3a+%27response_type%27%0d%0aTrace+ID%3a+65dc2592-4ba1-42f6-9f24-eba1c1894900%0d%0aCorrelation+ID%3a+6edaf003-3d26-434b-9b8a-88a267feb350%0d%0aTimestamp%3a+2018-01-17+09%3a09%3a39Z&state=9MnA2eD68aZtOvHSodIjX9IqA1NdSjslrnGaFAlL

Can someone help me to fix this?

According to the MSDN Documentation on AAD Auth Failures - Implicit OAuth is not enabled for the application, you need to set oauth2AllowImplicitFlow to true in the App Registration Manifest in the Azure Portal.

The Issue

When creating your app registration in AAD, you need to manually edit the application manifest and set the value of the oauth2AllowImplicitFlow property to true. Otherwise the AAD sign in flow will not work

error "AADSTS70005: response_type 'token' is not supported for the application..."

The Solution

Follow these steps to solve this issue.

  1. Sign into portal.azure.com with an administrator account in your tenant.

  2. Navigate to Azure Active Directory in the left hand side bar > App registrations > Your app.

  3. Click Manifest at the top of the pane describing your app.

  4. Change the value of the property oauth2AllowImplicitFlow to true. If the property is not present, add it and set its value to true.

  5. Click "Save" to save the modified manifest.

10 users liked answer #0dislike answer #010
Skorunka František profile pic
Skorunka František

Since you are using OAuth2 Implicit Grant flow to authenticate your application, you'll need to set the response type to id_token, token or id_token token instead of code.

You'll also need set the "oauth2AllowImplicitFlow" value to true in the AAD application's manifest file.

3 users liked answer #1dislike answer #13
Aaron Chen profile pic
Aaron Chen

Copyright © 2022 QueryThreads

All content on Query Threads is licensed under the Creative Commons Attribution-ShareAlike 3.0 license (CC BY-SA 3.0).