Error. We're having trouble signing you in. Please sign in again. Unauthorized

[MrCharli3]

When I try to Access the To-do list I get the following message.

It finds my claim just fine, and it says I'm signed in.

Web.config:

<add key="ida:Tenant" value="b2cmax.onmicrosoft.com" />
<add key="ida:ClientId" value="2f4c85d0-6471-4080-a73c-b7e7811f273b" />
<add key="ida:ClientSecret" value="--removed--" />
<add key="ida:AadInstance" value="https://login.microsoftonline.com/tfp/{0}/{1}/v2.0/.well-known/openid-configuration" />
<add key="ida:RedirectUri" value="https://localhost:44316/" />

<add key="ida:SignUpSignInPolicyId" value="b2c_1_susi" />
<add key="ida:EditProfilePolicyId" value="b2c_1_profile_edit" />
<add key="ida:ResetPasswordPolicyId" value="b2c_1_p_reset" />

<!-- Uncomment the localhost url if you want to run the API locally -->
<!--<add key="api:TaskServiceUrl" value="https://aadb2cplayground.azurewebsites.net/" /> -->
<add key="api:TaskServiceUrl" value="https://localhost:44332/" />

<!-- The following settings is used for requesting access tokens -->
<add key="api:ApiIdentifier" value="https://b2cmax.onmicrosoft.com/tasks/" />
<add key="api:ReadScope" value="read" />
<add key="api:WriteScope" value="write" />`

Do I need to make any changes to TaskService Web Config?

[parakhj]

Not sure what message you are seeing. Could you repaste it?

Yes, you will need to make changes to your TaskService Web Config. You need to update it with your B2C configuration (e.g. the client ID of the Web API app registration, your tenant name)

[MrCharli3]

@parakhj The Error-message I get is in the title :) Or did you mean something else?
Okay, but in the walktrough where you link to this GitHub project there is nothing about modifying the TaskService Web Config? Or did I miss it?

[parakhj]

There are multiple pages linking to this repo, depending on what you are trying to achieve. Check out the readme of this repo

[saraford]

@MrCharli3 Hello! 👋 I just made some updates to the readme earlier today that show step-by-step how to register both apps (the web app and the web api) in the Azure portal and how to configure both VS projects (i.e. the sample apps available in the solution in this repo) to use your tenant.

Please take a look and let us know if you still have any questions! Thanks!

[dblaszyk]

Please note, I saw this when I forgot the trailing /, for the api:ApiIdentifier.

.. key="api:ApiIdentifier" value="https://forexample.onmicrosoft.com/myapi"

Must be
.. key="api:ApiIdentifier" value="https://forexample.onmicrosoft.com/myapi/"

Since the scopes are created by appending the security token, I was getting myapiread, as opposed to myapi/read in the code example.

[saraford]

@dblaszyk Thanks for calling this out! I've added a quick 📝 in the readme to verify that the trailing / has been added to the ApiIdentifier.

[Muddasarr]

I followed all the instructions but when i try to access the to-do-list it gives this error
Error. We're having trouble signing you in. Please sign in again. Unauthorized
Although i am already signed in. Kindly see the attached code below:

<configuration>
  <appSettings>
    <add key="webpages:Version" value="3.0.0.0"/>
    <add key="webpages:Enabled" value="false"/>
    <add key="ClientValidationEnabled" value="true"/>
    <add key="UnobtrusiveJavaScriptEnabled" value="true"/>
    <add key="ida:Tenant" value="kardexlcs.onmicrosoft.com"/>
    <add key="ida:ClientId" value="5d4bede7-8874-4e2d-8628-aeb62fb102a7"/>
    <add key="ida:ClientSecret" value="-removed-"/>
    <add key="ida:AadInstance" value="https://login.microsoftonline.com/tfp/{0}/{1}/v2.0/.well-known/openid-configuration"/>
    <add key="ida:RedirectUri" value="https://localhost:44316/"/>
    <add key="ida:SignUpSignInPolicyId" value="B2C_1_SiupIN"/>
    <add key="ida:EditProfilePolicyId" value="B2C_1_Sipe"/>
    <add key="ida:ResetPasswordPolicyId" value="B2C_1_SSPR"/>
    <add key="api:TaskServiceUrl" value="https://localhost:44332/"/>
    <!-- Uncomment the localhost url if you want to run the API locally -->
    <!--add key="api:TaskServiceUrl" value="https://localhost:44332/" /-->
    <!-- The following settings is used for requesting access tokens -->
    <add key="api:ApiIdentifier" value="https://kardexlcs.onmicrosoft.com/tasks/"/>
    <add key="api:ReadScope" value="Hello.read"/>
    <add key="api:WriteScope" value="Hello.write"/>
  </appSettings>

Am i missing something in the configuration??
Any help would be highly appreciated.
Thanks in advance.

[TiagoBrenck]

Please, re-open if this is happening in the latest version of this sample

[LeGnours]

Hello,

It seems I am also having the same issue with the lastest documentation.
I've followed the tutorial (https://docs.microsoft.com/en-ca/azure/active-directory-b2c/tutorial-web-api-dotnet?tabs=app-reg-preview) and when I am trying to access the ToDoList, I have :
"We're having trouble signing you in.
Please sign in again. Unauthorized"

After some investigation, it seems that var accounts = await cca.GetAccountAsync(); returns 0 account the first time, it's called. After that, it goes to:
==> return new RedirectResult("/Account/SignUpSignIn?redirectUrl=/Tasks");

Then, it goes again in the Index method and this time there is one account and the UserName is "

It seems that in the TaskController.cs, when I am trying to get the token (even if I am already signin), I get a null AccessToken.

[AlpeshValvi123]

I have followed the same documentation. https://docs.microsoft.com/en-ca/azure/active-directory-b2c/tutorial-web-api-dotnet?tabs=app-reg-ga

I'm successfully login into WebApp.

But getting the issue while accessing the API.
Error.
We're having trouble signing you in.
Please sign in again. Unauthorized

Also, I have granted both web app and well as API from Azure AD B2C.

Any help would be highly appreciated.
Thanks in advance.

[dbman86]

I had same issue - I went to the WebApp app registration and needed to grant admin consent - before I did the status said something else and was not green. otherwise put a breakpoint in TasksController.Index() when it calls cca.AcquireTokenSilent - does result.AccessToken have a value? it was null for me until I made the change below. hope this helps.