ASP.NET Core Web App using Work (Azure AD) Authentication works when debugging locally, but not after publishing to Azure


  • My ASP.NET Core web app works great when running and debugging locally, but fails to run once published to Azure. I enabled Organizational Authentication and selected the appropriate domain upon publishing.

    After I publish to Azure I get this error:

    An unhandled exception occurred while processing the request.

    OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.
    Trace ID: 640186d6-9a50-4fce-ae39-bbfc1caf2400
    Correlation ID: 622758b2-ca52-4bb0-9a98-e14d5a45cf80
    Timestamp: 2017-04-19 16:36:32Z', error_uri: 'error_uri is null'.

    I'm assuming that it's because the Client Secret needs to be stored in Azure somewhere; however, the value in secrets.json did not work when I added it as an App Setting, as I saw someone was able to do in another post. I'm also not sure if putting the value of "Authentication:AzureAd:ClientSecret" in Azure AppSettings is a good idea anyway.

    Wednesday, April 19, 2017 7:45 PM