azuredockerasp.net-web-apiazure-active-directory.net-8.0

Azured AD JWT authentication doesn't work for Web API hosted in docker using TestContainer


I have an ASP .Net Web API hosted in Docker using TestContainer for integration tests. The Web API's endpoints are secured by using using JWT token and all this works very well when the Web API is hosted in production outside on IIS.

I get the exception WWW-Authenticate: Bearer error="invalid_token", error_description="The audience 'api://XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX' is invalid"

Is there anything needed to be done for the Azure AD JWT authentication to work in TestContainers/Docker?

Thanks in advance.


Solution

  • I get the exception WWW-Authenticate: Bearer error="invalid_token", error_description="The audience 'api://XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX' is invalid

    To resolve the error, add AzureAD environment variables in the TestContainer:

    AZURE_CLIENT_ID - App ID of the service principal

    AZURE_TENANT_ID - the Tenant ID

    AZURE_CLIENT_SECRET - Secret value of the service principal

    You can get values of AZURE_CLIENT_ID and AZURE_TENANT_ID from app registration page that you can check below

    Overview:

    enter image description here

    Create Client secret and add in environmental variables.

    enter image description here