Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configuring ConfidentialClientApplication via .WithTenantIdFromAuthority and a dStS authority fails with error #4927

Closed
christothes opened this issue Sep 12, 2024 · 3 comments · Fixed by #4943
Assignees
Labels
azure-sdk bug confidential-client P2 QM regression Behavior that worked in a previous release that no longer works in a newer release

Comments

@christothes
Copy link

christothes commented Sep 12, 2024

Building a confidential client using a dsts authority and calling ExecuteAsync fails with an error:

"A authority of type Dsts was used at the application and of type Aad at the request level. Please use the same authority type between the two."

An example configuration is below:

builder.WithTenantIdFromAuthority(
new Uri("https://usnorth-passive-dsts.dsts.core.windows.net/dstsv2/<some tenantId>"));

Prior to it being deprecated, this used to work via the following API:

builder.WithAuthority(AuthorityHost.AbsoluteUri, tenantId)
@bgavrilMS bgavrilMS added the regression Behavior that worked in a previous release that no longer works in a newer release label Sep 12, 2024
@bgavrilMS
Copy link
Member

Hi @neha-bhargava - can you please have a look at this as this is blocking partners from upgrading to a safe version of Az SDK

@neha-bhargava
Copy link
Contributor

Sure, taking a look.

@bgavrilMS
Copy link
Member

Here's a repro

 [TestMethod]
 public async Task TestAsync()
 {
     string AuthorityHost = "https://usnorth-passive-dsts.dsts.core.windows.net/dstsv2/";
     string tenantId = "tenant";

     UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
     {
         Path = tenantId
     };

     var app = ConfidentialClientApplicationBuilder
         .Create(TestConstants.ClientId)
         .WithAuthority(AuthorityHost, tenantId)
         .WithClientSecret("secret")
         .Build();

     AuthenticationResult res = await app
         .AcquireTokenForClient(TestConstants.s_scope)
         .WithTenantIdFromAuthority(uriBuilder.Uri)
         .ExecuteAsync()
         .ConfigureAwait(false);
 }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
azure-sdk bug confidential-client P2 QM regression Behavior that worked in a previous release that no longer works in a newer release
Projects
Archived in project
3 participants