This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 91%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
I have added Azure AD as an authentication server but it is showing me the following error "[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 401 Unauthorized: [no body]"
Springboot: 2.5.8
Azure version: 3.10.0
my application.properties as follow:
spring.security.oauth2.client.registration.azure-client.provider=azure-ad
spring.security.oauth2.client.registration.azure-client.client-id=<Client_id>
spring.security.oauth2.client.registration.azure-client.client-secret=<Client_secret>
spring.security.oauth2.client.registration.azure-client.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.azure-client.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
spring.security.oauth2.client.registration.azure-client.scope=openid, profile
spring.security.oauth2.client.registration.azure-client.client-authentication-method=post
spring.security.oauth2.client.provider.azure-ad.authorization-uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
spring.security.oauth2.client.provider.azure-ad.token-uri=https://login.microsoftonline.com/common/oauth2/v2.0/token
spring.security.oauth2.client.provider.azure-ad.jwk-set-uri=https://login.microsoftonline.com/common/discovery/v2.0/keys
spring.security.oauth2.client.provider.azure-ad.user-name-attribute=name
server.forward-headers-strategy=native
logging.level.org.springframework.security=DEBUG
And SecurityConfig class as follow:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure( HttpSecurity http ) throws Exception {
http.authorizeRequests()
.antMatchers( "/oauth2/**", "/login/**" ).permitAll()
.anyRequest().authenticated()
.and()
.oauth2Login()
.defaultSuccessUrl( "/home" );
}
}
And Controller as follows:
@RestController
public class HomeController {
@GetMapping( "home" )
public String home( @AuthenticationPrincipal(expression = "claims['name']") String name ) {
return String.format( "Hello %s! welcome to the Security app", name);
}
}
Kindly help, thanks!
Thanks for reaching out.
Do you see any correlation ID and timestamp for above error? if so can you share that with us? Thanks.
@sikumars-msft thanks for the reply. I had mistakenly added the wrong client secret, after adding the correct one it is working fine.
I had mistakenly added the wrong client secret, after adding the correct one it is working fine.
Thanks for the update. Kindy "accept your answer" so that this beneficial to other community members reading this thread and experiencing similar issue. Thanks.