AADSTS70005: response_type 'id_token' is not enabled for the application

Azure, Azure Active-Directory

Azure Problem Overview


> AADSTS70005: response_type 'id_token' is not enabled for the application

I am getting the above error even after setting "oauth2AllowImplicitFlow": true in the manifest.

Azure Solutions


Solution 1 - Azure

Try this:

  1. Go to portal.azure.com.

  2. Select your directory and go to Azure AD.

  3. Select App registration (preview).

  4. Select the app you are trying to authenticate (you should already have registered it).

  5. Go to the Authentication tab.

  6. Check "ID tokens" in the Advanced Settings section (see the bottom of the attached image).

This has worked for me.

Solution 2 - Azure

I got the error:

> AADSTS700054: response_type 'id_token' is not enabled for the application.

And the resolution was setting:

{
  "oauth2AllowIdTokenImplicitFlow" : true
}

in the Azure Active Directory App Manifest.

Solution 3 - Azure

Make sure you have selected ID tokens (used for implicit and hybrid flows). You can do this from the Authentication blade of your app in Azure AD. See screenshot below.

Or go to the Manifest blade and set oauth2AllowIdTokenImplicitFlow to true. See screenshot below.

Solution 4 - Azure

Error: OpenIdConnectMessage.Error was not null, indicating an error. Error: 'unsupported_response_type'. This error occurred because Azure AD did not return any access tokens or ID tokens. The check boxes need to be enabled in Azure AD for it to return tokens after authentication is done.

How to solve: go to Azure AD => App registration => click the Authentication tab => enable the Access tokens and ID tokens check boxes.

Solution 5 - Azure

Make sure you don't have two instances of the key oauth2AllowImplicitFlow in your manifest - in my case I had added the key but it was present already with the value set to false. Hopefully this solves the issue:)

Solution 6 - Azure

I was facing a similar issue, and when I visited the ActiveDirectory -> App registrations page, it wasn't showing the new UI.

It also doesn't allow me to set the flag in the metadata. I found a workaround for this.

https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Authentication/quickStartType//sourceType/Microsoft_AAD_IAM/appId/9bab1d75-34b8-475b-abfe-5a62c6f01234/objectId/a4b459c1-7753-400c-8f8f-46fb5451234/isMSAApp//defaultBlade/Overview/servicePrincipalCreated/true

First log in to your instance, then modify the above URL, pasting in the object ID and application ID of your application.

Then it should show the screen @Mosè Bottacini posted.

Solution 7 - Azure

It is true like a lot of you are saying that you need to enable ID tokens (used for implicit and hybrid flows) if you really need the ID Token.

> AADSTS700054: response_type 'id_token' is not enabled for the application.

However, if you use an Authorization Code Flow you don't really need it. Microsoft OpenID Connect authentication (Microsoft.AspNetCore.Authentication.OpenIdConnect) uses id_token as default ResponseType for OpenIdConnect and JwtSecurityTokenHandler.

Using AddOpenIdConnect you can set ResponseType to OpenIdConnectResponseType.Code or simply "code" and then you don't need the id_token at all.

Working example with Azure Ad and IdentityServer:

services.AddAuthentication()
    .AddOpenIdConnect("aad", "Azure AD", options =>
    {
        options.ClientSecret = "<ClientSecret>";
        options.ResponseType = OpenIdConnectResponseType.Code;
        options.ClientId = "<ClientId>";
        options.Authority = "https://login.microsoftonline.com/<TenantId>/";
        options.CallbackPath = "/signin-oidc";
    })
    .AddIdentityServerJwt();

http://docs.identityserver.io/en/latest/topics/signin_external_providers.html

Solution 8 - Azure

If you are building a client-side application, you need to include an implicit flow from the application manifest.

"oauth2AllowImplicitFlow": true,

  1. Open the application settings in the Azure portal, and load the manifest file from the "Manifest" menu.

  2. Search for oauth2AllowImplicitFlow and change the value to true.

  3. Load the file again via the same menu.

  4. Exit and re-enter the app and it will work.

The implicit grant type is used for mobile applications and web applications (for example, applications that run in a web browser) where the confidentiality of the client secret is not guaranteed.

More information about oauth2 implicit flow

Introduction to OAuth 2

Tip: For the Implicit grant, use response_type=token to include an access token. An alternative is to use response_type=id_token token to include both an access token and an ID token.

Step by Step Configuration Configure SSO
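Added example, not part of the original answers: a Python check of an app manifest for the two flags discussed on this page, covering the duplicate-key case from Solution 5, the code-flow case from Solution 7 and the combined response_type from Solution 8's tip. The sample manifest is constructed and the function names are hypothetical; the access-token meaning of oauth2AllowImplicitFlow is taken from Microsoft's manifest reference rather than from this page.

```python
import json

# Manifest flag gating each token type in response_type. The id_token mapping
# is from this page; the access-token one is from Microsoft's manifest reference.
FLAG_FOR_TOKEN = {
    "id_token": "oauth2AllowIdTokenImplicitFlow",
    "token": "oauth2AllowImplicitFlow",
}

# Constructed sample: the same key appears twice, as in Solution 5.
SAMPLE_MANIFEST = """{
  "oauth2AllowImplicitFlow": false,
  "oauth2AllowIdTokenImplicitFlow": false,
  "oauth2AllowImplicitFlow": true
}"""


def load_flags(manifest_text):
    """Return {key: [every value seen]}; plain json.loads keeps only the last."""
    def collect(pairs):
        seen = {}
        for key, value in pairs:
            seen.setdefault(key, []).append(value)
        return seen
    return json.loads(manifest_text, object_pairs_hook=collect)


def missing_flags(manifest_text, response_type):
    """Flags this response_type relies on that are not unambiguously true."""
    flags, problems = load_flags(manifest_text), []
    for token in response_type.split():
        flag = FLAG_FOR_TOKEN.get(token)
        if flag is None:  # "code" needs no implicit-grant flag
            continue
        values = flags.get(flag, [])
        if len(values) > 1:
            problems.append(f"{flag}: duplicate key, values {values}")
        elif values != [True]:
            problems.append(f"{flag}: not set to true")
    return problems


def unneeded_flags(manifest_text, response_type):
    """Flags enabled in the manifest that this response_type never uses."""
    flags = load_flags(manifest_text)
    needed = {FLAG_FOR_TOKEN[t] for t in response_type.split() if t in FLAG_FOR_TOKEN}
    return sorted(f for f in FLAG_FOR_TOKEN.values()
                  if f not in needed and True in flags.get(f, []))
```

Calling unneeded_flags with "code" lists implicit-grant flags that an authorization-code client leaves enabled without using them.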

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

| Content Type | Original Author | Original Content on Stackoverflow |
| --- | --- | --- |
| Question | Jajula Siva | View Question on Stackoverflow |
| Solution 1 - Azure | Mosè Bottacini | View Answer on Stackoverflow |
| Solution 2 - Azure | eMazeika | View Answer on Stackoverflow |
| Solution 3 - Azure | Rupesh Kumar Tiwari | View Answer on Stackoverflow |
| Solution 4 - Azure | Dhiraj Ghode | View Answer on Stackoverflow |
| Solution 5 - Azure | Vincenzo Criscuolo | View Answer on Stackoverflow |
| Solution 6 - Azure | Ganesh Bhat | View Answer on Stackoverflow |
| Solution 7 - Azure | Ogglas | View Answer on Stackoverflow |
| Solution 8 - Azure | Nadeem Taj | View Answer on Stackoverflow |