Alexandre_OCHMAN | 2023-02-01 08:53:42 UTC | #1
Hi, I'm testing the authenticated web messaging I'm always getting a 401 unauthorize error when I pass the oauth to the web messaging widget.
For the authentification I'm using Azure AD with a auth code PKCE flow.
The request used by the widget seems ok: https://api.mypurecloud.ie/api/v2/webdeployments/token/oauthcodegrantjwtexchange
{ deploymentId: "102fe28f-7295-4452-868d-d076813fedb0", journeyContext: { customer: {id: "08b727be-35c5-4611-acb3-1896f7399b05", idType: "cookie"}, customerSession: {id: "1fda6f27-ba10-4c6a-9521-c94d4ce5d812", type: "web"} }, oauth: { code: "auth code", codeVerifier: "code verifier", redirectUri: "https://master.dj5dq9npte6en.amplifyapp.com/" } }
I have a hard time understanting what I am doing wrong, if someone can help me.
vpirat | 2023-02-01 10:45:13 UTC | #2
Hi,
Thanks for reaching out.
I looked at your issue and could see the following error: invalid_client (AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented. So likely you selected the wrong application type. Do not use SPA but Web application.
Hope this helps. Let me know if you still have some difficulties.
With regards, V.P.
Alexandre_OCHMAN | 2023-02-01 13:16:54 UTC | #3
Thank you for your fast anwser.
I changed from SPA to web, but I stil have a 401 unauthorize (a different one): { deploymentId: "102fe28f-7295-4452-868d-d076813fedb0" journeyContext: { customer: {id: "08b727be-35c5-4611-acb3-1896f7399b05", idType: "cookie"}, customerSession: {id: "ec27acdb-d64c-433e-9510-19f8f0130924", type: "web"} } }
code: "unauthorized" contextId: "e7a4f917-ad17-4266-ac42-ac1abd32565a" message: "Failed to identify user for token: GCPII...
And is it possible to see the error you mentionned from my side ?
Regards
vpirat | 2023-02-06 13:42:58 UTC | #4
Hi,
New error message indeed.
I could grab this: unauthorized_client (AADSTS700016: Application with identifier 'd6a78fa4-6a8a-457c-bbc9-efdd46a47ede' was not found in the directory 'a8ee146e-0dcf-4435-8677-eb7f4cf3b5f5'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant. Trace ID: b2633208-4ec8-49d1-be12-631b91d32a00 Correlation ID: dc09ab17-d14b-4c18-8cf4-973c57d4f233 Timestamp: 2023-02-01 13:07:15Z)
Looks like permission/config issue in Azure ?
Regards, V.P.
Alexandre_OCHMAN | 2023-02-02 10:06:20 UTC | #5
Hi,
Thank you for all your help, it's working now.
Regards,
system | 2023-03-04 10:06:55 UTC | #6
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 18215