Getting "Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type" error while trying to run the "1-Authentication\1-sign-in\SPA" app after following the exact same steps recommended in readme

[tanmayghosh2507]

Issue

Please provide us with the following information:

This issue is for the sample

    - [x] 1-1) Sign-in with Azure AD
    - [ ] 1-2) Sign-in with Azure AD B2C
    - [ ] 2-1) Acquire a Token and call Microsoft Graph
    - [ ] 3-1) Protect and call a web API on Azure AD
    - [ ] 3-2) Protect and call a web API on Azure AD B2C
    - [ ] 4-1) Deploy to Azure Storage and App Service
    - [ ] 4-2) Deploy to Azure Static App Service
    - [ ] 5-1) Call a web API using App Roles
    - [ ] 5-2) Call a web API using Security Groups
    - [ ] 6-1) Call Microsoft Graph using on-behalf-of flow
    - [ ] 6-3) Call a web API using Conditional Access Auth Context
    - [ ] 6-4) Sign-in with Hybrid SPA flow

This issue is for a

    - [ ] bug report -> please search issues before submitting
    - [x] question
    - [ ] feature request
    - [ ] documentation issue or request

Minimal steps to reproduce

npm start after npm install from 1-Authentication\1-sign-in\SPA folder. Then once the app is running in browser tab. Click sign in and use either of Pop Up based or Redirect based to see the error in console output window. It can't login too. These are no other visible failures.

Any log messages given by the failure

No error while running the app. But observed an error in Google Chrome console.
AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. Request origin: 'http://localhost:3000'.
Trace ID: 36bae855-e9d3-409f-b892-6f07a12d2200
Correlation ID: 51074ca4-ea25-4783-9881-b2e760d6e11d
Timestamp: 2023-01-27 21:28:46Z - Correlation ID: 51074ca4-ea25-4783-9881-b2e760d6e11d - Trace ID: 36bae855-e9d3-409f-b892-6f07a12d2200
at ServerError.AuthError [as constructor] (AuthError.ts:49:1)
at new ServerError (ServerError.ts:13:1)
at ResponseHandler.validateTokenResponse (ResponseHandler.ts:99:1)
at AuthorizationCodeClient. (AuthorizationCodeClient.ts:83:1)
at step (MathUtils.ts:23:1)
at Object.next (MathUtils.ts:23:1)
at fulfilled (MathUtils.ts:23:1)

Expected/desired behavior

Should be able to login using AAD

Library version

Browser and version

Chrome 109.0.5414.74 (Official Build) (64-bit)

Mention any other details that might be useful

Thanks! We'll be in touch soon.

[salman90]

Hi @tanmayghosh2507 , I believe this is an application registration issue. Please check that you registered a single-page application type, not a different type of application. You can check the application type by clicking on the authentication tab in the application registration, as shown below:

[github-actions]

This issue has not seen activity in 14 days. If your issue has not been resolved please leave a comment to keep this open. It will be closed in 7 days if it remains stale.

[salman90]

@tanmayghosh2507 closing this due to inactivity