AADSTS70005: response_type ‘id_token’ is not enabled for the application
I am getting the above error even after setting "oauth2AllowImplicitFlow": true in the manifest.
7
try this:
go to portal.azure.com
select your directory, and go to Azure AD
then select App registration (preview)
select the app you are trying to authenticate (you should already have registered it)
go to the authentication tab
check “ID tokens” in the Advanced Settings section (see the bottom of the attached image)
this has worked for me
3
I got the error:
AADSTS700054: response_type ‘id_token’ is not enabled for the application.
And the resolution was setting:
{
"oauth2AllowIdTokenImplicitFlow" : true
}
in Azure Active Directory App Manifest
1
Make sure you have selected ID tokens (used for implicit and hybrid flows).
You can do this from the Authentication blade in your app in Azure AD. See screenshot below.
Or go to the Manifest blade and set oauth2AllowIdTokenImplicitFlow to true. See screenshot below.
1
Error : OpenIdConnectMessage.Error was not null, indicating an error. Error: ‘unsupported_response_type’.
This error occurred because Azure AD does not return any access tokens or ID tokens.
The check boxes need to be enabled in Azure AD for it to return tokens after authentication is done.
How to solve: go to Azure AD => App registration => click the Authentication tab => enable the Access tokens and ID tokens check boxes.
Make sure you don’t have two instances of the key oauth2AllowImplicitFlow in your manifest – in my case I had added the key but it was present already with the value set to false. Hopefully this solves the issue :)
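A manifest check covering the two fixes above (the ID-token flag and the duplicate-key pitfall), as an added example that is not part of any answer: it parses an exported manifest, reports keys that occur twice, and compares the implicit-flow flags with the response_type the app requests. The function names and the sample manifest are constructed for illustration; pairing the `token` response type with `oauth2AllowImplicitFlow` follows the manifest's documented meaning and is not stated on this page.

```python
import json

# Manifest flag required for each token the authorize endpoint returns directly
# (implicit or hybrid flow). response_type "code" on its own needs neither flag.
REQUIRED_FLAG = {
    "id_token": "oauth2AllowIdTokenImplicitFlow",
    "token": "oauth2AllowImplicitFlow",
}

def load_manifest(text):
    """Parse manifest JSON and collect keys that occur more than once in an object."""
    duplicates = []

    def hook(pairs):
        obj = {}
        for key, value in pairs:
            if key in obj:
                duplicates.append(key)
            obj[key] = value  # Python keeps the last occurrence; other parsers may differ
        return obj

    return json.loads(text, object_pairs_hook=hook), duplicates

def check_response_type(manifest_text, response_type):
    """Return findings for a space-separated response_type such as 'code id_token'."""
    manifest, duplicates = load_manifest(manifest_text)
    findings = [f"duplicate key: {key}" for key in duplicates]
    requested = response_type.split()
    for part, flag in REQUIRED_FLAG.items():
        enabled = manifest.get(flag) is True
        if part in requested and not enabled:
            findings.append(f"missing: response_type '{part}' needs {flag} = true")
        elif part not in requested and enabled:
            findings.append(f"unneeded: {flag} is true but '{part}' is not requested")
    return findings

# Constructed sample: the key was added as true while an older false entry remained.
SAMPLE = """{
  "oauth2AllowImplicitFlow": true,
  "oauth2AllowIdTokenImplicitFlow": false,
  "oauth2AllowImplicitFlow": false
}"""

if __name__ == "__main__":
    for rt in ("id_token", "code id_token", "code"):
        print(rt, "->", check_response_type(SAMPLE, rt) or "ok")
```

The "unneeded" finding marks an implicit-flow flag that is switched on although the requested response_type does not use it, which is the case once the app requests only `code`.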
1
It is true, like a lot of you are saying, that you need to enable ID tokens (used for implicit and hybrid flows) if you really need the ID token.
AADSTS700054: response_type ‘id_token’ is not enabled for the application.
However, if you use an Authorization Code Flow you don’t really need it. Microsoft OpenID Connect authentication (Microsoft.AspNetCore.Authentication.OpenIdConnect) uses id_token as the default ResponseType for OpenIdConnect and JwtSecurityTokenHandler.
Using AddOpenIdConnect you can set ResponseType to OpenIdConnectResponseType.Code or simply "code", and then you don’t need the id_token at all.
Working example with Azure AD and IdentityServer:

    // OpenIdConnectResponseType is defined in Microsoft.IdentityModel.Protocols.OpenIdConnect
    services.AddAuthentication()
        .AddOpenIdConnect("aad", "Azure AD", options =>
        {
            options.ClientSecret = "<ClientSecret>";
            // Authorization code flow: no id_token is requested from the authorize endpoint
            options.ResponseType = OpenIdConnectResponseType.Code;
            options.ClientId = "<ClientId>";
            options.Authority = "https://login.microsoftonline.com/<TenantId>/";
            options.CallbackPath = "/signin-oidc";
        })
        .AddIdentityServerJwt();

http://docs.identityserver.io/en/latest/topics/signin_external_providers.html
0
I was facing a similar issue, and when I visited the page ActiveDirectory -> App registrations, it wasn't showing the new UI.
Also, it doesn't allow me to set the flag in the metadata. Found the workaround for this.
https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Authentication/quickStartType//sourceType/Microsoft_AAD_IAM/appId/9bab1d75-34b8-475b-abfe-5a62c6f01234/objectId/a4b459c1-7753-400c-8f8f-46fb5451234/isMSAApp//defaultBlade/Overview/servicePrincipalCreated/true
First log in to your instance, then modify the above URL to paste in the object id and application id of your application.
Then it should show the screen @Mosè Bottacini posted.
I stumbled across this post since I was having the exact same issue with my Azure App Service. I fixed it by using the exact redirect URL in the error message and adding that to the list of URLs in the app registration.