I am fully following the example from Example for Angular 16 from MSAL Git. The code is exactly the same with the example except for the client ID and authority. When I login with my account I got 401 error response. I also don't know how to decode the encrypted code in URL. Is it because that my account does not have access to the application in Azure AD and how can I decode the URL? The URL is like localhost:5069/api#code=xxx&client_info=xxx&state=xxx&session_state=xxx and contains 4 parts, code, client_info,state and session_state. How can I extract info from them?
The 401 error usually occurs if the Microsoft Entra ID application is not granted required API permissions to perform the operation.
I created a Multi-Tenant Microsoft Entra ID application:
Registered Redirect URL:
Grant User.Read
delegated API permission as you are calling /me
endpoint:
Now in environment file replace your client ID:
export const environment = {
production: false,
msalConfig: {
auth: {
clientId: 'YourClientID',
authority: 'https://login.microsoftonline.com/common'
}
},
apiConfig: {
scopes: ['user.read'],
uri: 'https://graph.microsoft.com/v1.0/me'
}
};
When I ran the sample, I logged using Popup:
The user logged in successfully:
Able to fetch signed in user profile data successfully:
To resolve the error, make sure to grant required API permissions to the Microsoft Entra ID application.
If still the issue persists, check if you are passing valid ClientID.
Reference: