Unauthorized client in Azure AD B2C
I have created a webapp using app registration where the webapp url is given as "https://jwt.ms". I have created a simple user flow. There is no .net code or any other development language is used. I think, I'm missing some permission during app registration. I'm testing the B2C user "signupandsignin" flow.
However, I'm getting Error: "Unauthorized client"
AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow.
Correlation ID: 6495ddcf-4ba2-4f88-a7c3-de97a6c6f7b0
Timestamp: 2025-03-22 09:52:40Z
I have enabled "Access tokens (used for implicit flows)" and "ID tokens (used for implicit and hybrid flows)" during the app registration.
The error "The provided application is not configured to allow the 'OAuth' Implicit flow." usually occurs if the Azure AD B2C application is not enabled with Implicit grant and hybrid flows.
Hence to resolve the issue make sure to enable Access and ID tokens in the Authentication tab:
Created a sign up and sign in flow and select the above application:
https://rukk33.b2clogin.com/rukk33.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_RukSUSIflow&client_id=ClientID&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid&response_type=id_token&prompt=login
When I signed in got the ID token successfully:
If still you are facing the error, make sure you are choosing the right application while executing the user flow.
- Updating web redirect uri of Azure AD app registration
- Allowing Azure CDN to access Azure KeyVault
- AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: '<AppId>'
- Is there any Filter condition for string "contains" in MS Graph API V1.0
- How to login to different tenant(non default) in Azure portal?
- Using Python Pyadomd Library to get PowerBI Data into Json Format
- Unable to send email from local machine via Azure Communication Service and using logged-in user's credentials
- Unauthorized client in Azure AD B2C
- How to get parameters after hash mark # from a redirect URL in FastAPI?
- What is the behaviour when publishing a single-tenant Open ID Connect application to the EntraID Gallery?
- Unable to create the synchronization service account for Azure Active Directory. Retrying this operation may help resolve the issue
- b2c tenant - automate custom policy under identity experience framework
- Azure B2C access & refresh token costing
- Connect-ExchangeOnline UnAuthorized
- Software development start-up: Signing into Microsoft services
- How to configure the VMs in two different zones using Availability Sets and install the Active Directory Domain services
- How to create an authentication token for Dynamics CRM
- BrowserAuthError: interaction_in_progress: Interaction is currently in progress with azure/msal-browser@2.11.2
- Why is "Application permissions" disabled in Azure AD's "Request API permissions"?
- EntraID: how to pass application roles downstream
- Provide SSL certificate for internal Website
- How to log in to Azure service principal
- Spring boot oauth2 client with Azure AD, but common tenantID
- How To Add Query Params in ADB2C to ADB2C Federated Authentication Using OIDC protocol
- how to Get token from URL?
- Microsoft Identity Web: Change Redirect Uri
- How to create a new user in multi tenant App registration?
- Can't make Azure Conditional Access working
- Exchange 2016 Error assigning TlsCertificateName to Receive Connector
- Retrieving the last or most recent SignInLogs in a specific Azure AD B2C using Get-MgAuditLogSignIn -All throws error Stream does not support reading