JWT token is always returning a ‘401 Unathorized’

Question

I'm building a an ASP.NET Core Web API that will consume some data entitie on Dynamics 365 F&O. I've registered an APP on Azure and generated the neccessary credentials (client_id, client_secret, etc) When i hit the endpoint directly from postman, this is what i get: And when i use this access_token to make calls on the oData endpoint, i get a '200 OK' response: Everything is fine up to this point..... But ive wrapped the whole access token retrieval into a controller and when it hit the endpoint for this controller, i get access token...Cool! But when i use the jwt token marked in black to make requests, i get a '401 unathorized' response, but despite checking from jwt.io, the token looks OK. Someway somehow my token gets invalidated . HAS ANYBODY FACED THIS ISSUE BEFORE???

Oyedepo Olufemi · Answer

Like I said earlier, the whole authentication logic has been implemented by Microsoft and all you have to do is call this url ( https://login.microsoftonline.com/ >/oauth2/token) to get the Bearer token. Well I've found the solution to the problem. I was reading my client_id, tenant_id, secret_key from appsettings.json, so I tried harcoding them directly into the helper method generating the token and boom it worked!!! No more '401 Unathourized'

Dharmesh Sharma · Answer

Dear Oyedepo, As you can see Configure Method has no app.UseAuthentication(); so application alway retun 401 unauthorized

Oyedepo Olufemi · Answer

here are the permissions

Abhijeet Jadhav · Answer

What permissions are configured in app registration in Azure?

Oyedepo Olufemi · Answer

Thanks for reaching out Dharmesh but here's the thing...the jwt token generation implementation has been implemented on this endpoint => https://login.microsoftonline.com/ > /oauth2/token All i need to do i make a POST request to the URL above and then pass the client id, resource, grant_type, secret_key on the POST request and then after making the request (first imag screenshot above), i get the Bearer Token as part of my response. Here's my Startup.cs file

Dharmesh Sharma · Answer

Dear , Can you share Startup,cs code? Or check have you configure the authentication in configure method app.UseAuthentication(); If this is not configure then every token return 401 unauthorized because this token is not validate with application because authentication is not configure. Let me know if issue is resolved. Thanks Dharmesh Sharma

Oyedepo Olufemi · Answer

Here's the screenshot

Abhijeet Jadhav · Answer

Can you provide of the screenshot when you get 401 unauthorized error?

Oyedepo Olufemi · Answer

Yes i have them ticked....

Abhijeet Jadhav · Answer

Hi Oyedepo, Have you enabled the implicit grant flow in the registered app?