Adding multiple issuer and audience validation in C#

You have an custom developed Web app or Web API using Asp.Net or Asp.Net Core and you want to control which issuers have access to your app. There are a couple ways to do this. Use Multiple Authentication schemes One way to do this and is probably the most recommended way is to perform what is documented here… https://github.com/AzureAD/microsoft-identity-web/wiki/multiple-authentication-schemes In this solution, you’ll want to have different Web App or…

Read More

Troubleshooting Signature validation errors

These signature validation errors are caused when the resource provider (not Azure AD) is unable to validate the signature of the token, either because the signing key could not be found or the signing key used was not able to validate the signature. This article will describe the most common scenarios and solutions. The concept and root cause is still the same and will continue to apply. Unfortunately, many developers…

Read More