Comments (3)
Hi @slavag, there have been no changes in the library, so I suspect this might be related to changes happening on the service. Could you please share the configuration values for applications where you are seeing issues so we can investigate further? Value for authority, tenant id, client id, and resource would be a good start. Feel free to email them via email to sagonzal @ microsoft if you would like to avoid posting that information here.
from azure-activedirectory-library-for-java.
@sangonzal Thanks, will send you in private.
from azure-activedirectory-library-for-java.
Discussed via email. Posting answer here in case anyone runs into this issue in the future:
The AAD service has shipped a security fix to validate that a device that matches the deviceId claim from a token is actually read from directory and is enabled irrespective of device based conditional access policies.
The reason that the tokens are rejected is because the presence of the deviceId claim indicates a binding to that device and when this device is not found in the directory it indicates a revocation action where the device was deleted or disabled and tokens for that device will no longer be valid.
You can either:
- Work with the tenant administrator to get the device record restored https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal#device-management-tasks",
- Acquire a new set of tokens, including a new refresh token.
from azure-activedirectory-library-for-java.
Related Issues (20)
- Create QuickStart sample HOT 1
- daemon certificate credential HOT 2
- "The server was unable to process the request due to an internal error" when using app-only auth with only client ID and client secret HOT 3
- Why do specific Overloads of acquireToken(..) do not return refreshTokens? HOT 3
- AdalCallable logs ERROR when acquireToken fails HOT 2
- Tokens generated using adal 1.2.0 (python) works but those generated using adal4j 1.6.0 do not Azure Active Directory App Integration and Development HOT 10
- object aad is not a member of package com.microsoft HOT 3
- x509CertThumbprint is deprecated HOT 2
- Make library dependencies have an upper version limit. HOT 7
- MSAL Java AcquireToken service is returning invalid access token sometimes in MSAL java web HOT 1
- Confusion arises when using Graph, Office combined permission to get access Token HOT 2
- adal4j with java 6 HOT 7
- can use it for SCIM HOT 1
- java.lang.NoClassDefFoundError: com/nimbusds/oauth2/sdk/http/CommonContentTypes HOT 1
- Latest adal4j 1.6.6 uses oauth2-oidc-sdk 7.4 which is vulnerable to XXE Injection HOT 3
- Vulnerability introduced by com.nimbusds:oauth2-oidc-sdk v9.4
- CVE Issue in ADAL4j's oauth2-oidc-sdk dependency
- Dependency error due to jCenter() outage
- Impact of Azure AD Graph API deprecation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-activedirectory-library-for-java.