azure-active-directory azure-ad-b2c

Unauthorized client in Azure AD B2C


I have created a web app using app registration where the web app URL is given as "https://jwt.ms". I have created a simple user flow. No .NET code or any other development language is used. I think I'm missing some permission during app registration. I'm testing the B2C user "signupandsignin" flow.

However, I'm getting Error: "Unauthorized client"

AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow.
Correlation ID: 6495ddcf-4ba2-4f88-a7c3-de97a6c6f7b0
Timestamp: 2025-03-22 09:52:40Z

I have enabled "Access tokens (used for implicit flows)" and "ID tokens (used for implicit and hybrid flows)" during the app registration.


Solution

  • The error "The provided application is not configured to allow the 'OAuth' Implicit flow." usually occurs if the Azure AD B2C application is not enabled with Implicit grant and hybrid flows.

    Hence, to resolve the issue, make sure to enable Access and ID tokens in the Authentication tab.

    I created a sign-up and sign-in flow and selected the above application:

    https://rukk33.b2clogin.com/rukk33.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_RukSUSIflow&client_id=ClientID&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid&response_type=id_token&prompt=login
    

    When I signed in, I got the ID token successfully.

    If you are still facing the error, make sure you are choosing the right application while executing the user flow.
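The two checks from the answer above (implicit settings enabled, and the right application selected) can be run against the authorize URL itself. This is an added example, not code from the original post: the function names, the `registration` record (filled in by hand from the Authentication tab) and the sample URL with its tenant and client ID are all constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Checkbox labels as quoted on this page.
ID_TOKENS = "ID tokens (used for implicit and hybrid flows)"
ACCESS_TOKENS = "Access tokens (used for implicit flows)"

# Constructed sample request; tenant, policy and client_id are placeholders.
SAMPLE_URL = (
    "https://contoso.b2clogin.com/contoso.onmicrosoft.com/oauth2/v2.0/authorize"
    "?p=B2C_1_signupsignin&client_id=00000000-0000-0000-0000-000000000001"
    "&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid"
    "&response_type=id_token&prompt=login"
)


def required_implicit_settings(authorize_url):
    """Return the implicit-grant checkboxes this authorize request depends on."""
    query = parse_qs(urlsplit(authorize_url).query)
    # response_type is a space-separated list, e.g. "code id_token".
    types = set(query.get("response_type", [""])[0].split())
    needed = set()
    if "id_token" in types:
        needed.add(ID_TOKENS)
    if "token" in types:
        needed.add(ACCESS_TOKENS)
    return needed


def diagnose(authorize_url, registration):
    """Compare the request with a hand-written registration record.

    registration (hypothetical shape): {"client_id": str, "enabled": set of labels}
    """
    query = parse_qs(urlsplit(authorize_url).query)
    findings = []
    if query.get("client_id", [""])[0] != registration["client_id"]:
        findings.append("client_id in the request is not the application that was checked")
    missing = required_implicit_settings(authorize_url) - registration["enabled"]
    findings.extend("not enabled: " + label for label in sorted(missing))
    return findings


if __name__ == "__main__":
    app = {"client_id": "00000000-0000-0000-0000-000000000001", "enabled": set()}
    for finding in diagnose(SAMPLE_URL, app):
        print(finding)
```

A request with `response_type=code` depends on neither checkbox, so `required_implicit_settings` returns an empty set for it.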