AADSTS50001:尝试从控制台客户端使用ADAL从Azure AD访问令牌时出现异常

Question

AADSTS50001:尝试从控制台客户端使用ADAL从Azure AD访问令牌时出现异常

Sai*_*Sai 8 adfs active-directory azure wif adal

尝试从控制台客户端使用ADAL从Azure AD访问令牌时获取异常.

脚步:

我已使用我的Web API应用程序localhost:44307配置了Azure AD.
添加了客户端ID,客户端密钥所需的配置.
通过更改此链接中建议的清单来跟进工作. https://www.google.com/search?q=AADSTS50001+%2B+azure+AD+athentication&oq=AADSTS50001+%2B+azure+AD+athentication&aqs=chrome..69i57.10202j0j7&sourceid=chrome&espv=210&es_sm=93&ie=UTF-8 #q = AADSTS50001&安全=活性

ADAL版本使用: Microsoft.IdentityModel.Clients.ActiveDirectory 2.6.0-alpha

控制台应用代码:

void GetToken()
{
    clientId = "be6b055a-4efc-222a-2187-49657e6f4f1b";
    string ClientKey = "c/uIMlsqn9SzJLKKyBle42Ym+tgcaC2tbMlWxJQawE";
    string ClientCredential clientCred = new ClientCredential(clientId, ClientKey);

    authenticationContext = new AuthenticationContext("https://login.windows.net/MyDevAD.onmicrosoft.com");                
    authenticationResult = authenticationContext.AcquireToken("https://mylocalwebapiapp.com/", clientCred);
    ....
}

Run Code Online (Sandbox Code Playgroud)

================================================== ================================================== ================================================== ==============

小提琴输入:

POST https://login.windows.net/MyDevAD.onmicrosoft.com/oauth2/token HTTP/1.1 Content-Type:application/x-www-form-urlencoded client-request-id:53262b17-1234-4ed9-bdb3- 748d332eb44b return-client-request-id:true x-client-SKU:.NET x-client-Ver:2.6.0.0 x-client-CPU:x64 x-client-OS:Microsoft Windows NT 6.3.9600.0主机:登录. windows.net内容长度:185期望:100-continue连接:Keep-Alive

grant_type = client_credentials&资源= HTTPS%3A%2F%2Flocalhost%3A44307%2F&CLIENT_ID = be6b055a-4efc-408A-8187-42137e6f4f1b&client_secret = C%2FuIMlsqn9SzJLKKyBle123Ym%2BtgcaC3tbMlWxJQawE%3D

================================================== ================================================== ================================================== ============== 小提琴输出:

HTTP/1.1 400 Bad Request Cache-Control:no-cache,no-store Pragma:no-cache Content-Type:application/json; charset = utf-8 Expires:-1 Set-Cookie:x-ms-gateway-slice = ProductionB; path =/x-ms-request-id:e89741b2-570d-44f6-9e71-6533b083abcd client-request-id:35262b17-4771-4ed9-bdb3-748d332eb33b X-Content-Type-Options:nosniff X-Powered-By: ARR/3.0 X-Powered-By:ASP.NET日期:星期二,01四月2014 19:05:51 GMT内容长度:438

{"error":"invalid_resource","error_description":"AADSTS50001:资源' https://mylocalwebapiapp.com/ '未注册该帐户.\ r \nTrace ID:e89741b2-570d-44f6-9e71-6533b083cdad\r \n相关ID:35262b17-4771-4ed9-cddb3-748d332eb44b\r \n时间戳:2014-04-01 19:05:53Z","error_codes":[50001],"timestamp":"2014-04-01 19 :05:53Z", "trace_id的": "e89741b2-570d-44f6-9e71-6533b083cdad", "CORRELATION_ID": "35262b17-4771-4ed9-bdb3-748d332eb44b"}

================================================== ================================================== ================================================== ============== 注意:发布的URL和ID都是伪造的.

Answer 1

小智 2

我们不应该引入任何改变。我建议仔细检查您是否为客户端应用程序分配了访问 Web API 的正确权限。请注意，您的应用程序正在获取具有其自己的凭据的令牌，因此您需要直接分配应用程序权限（而不是委派权限）。HTH V.

私下讨论的结果是什么？我这里有完全相同的问题。很想知道如何解决这个问题。 (3认同)
HTH，这是另一个感兴趣的用户。在我们的实验过程中，我们还收到相同的消息“AADSTS50001：资源'###'未为该帐户注册”。我们没有意识到我们必须为该资源注册每个单独的帐户。如果是这样：这是如何实现的？ (2认同)

归档时间：	11 年，9 月前
查看次数：	9252 次
最近记录：	6 年，8 月前