AADSTS50126: Error validating credentials due to invalid username or password
I am quite new in Azure and B2C.
Up today, I am familiar with Tenants, Directories, Subscriptions, UserFlows AppRegistrations and have been able to run this sample.
I am nor really familiar with scopes, API permissions and ROPC.
What I am trying to do is to insert B2C into my developed webApps. The idea was to include it as this sample. My appsettings:
{
"Authentication": {
"AzureCloudInstance": "AzurePublic",
"AadAuthorityAudience": "AzureAdMyOrg",
"TenantId": "3d4b9781-2052-466a-b45c-xxxxxxxxxxxxxx",
"Domain": "xxxxxxxxxxxxx.onmicrosoft.com",
"ClientId": "9e99f9ee-1f6d-4668-8f4d-xxxxxxxxxxxxxx"
},
"WebAPI": {
"MicrosoftGraphBaseEndpoint": "https://graph.microsoft.com"
}
}
The result:
Error: AADSTS50126: Error validating credentials due to invalid username or password.
Trace ID: 9f636bfe-44ab-4bad-92ef-b5b8f6dd3600
Correlation ID: 6104315c-c8b3-4f5b-92e4-510f781cc8cc
Timestamp: 2021-03-19 14:51:03Z
I tried also this:
var url = $"https://login.microsoftonline.com/{Domain}/oauth2/token";
var values = new Dictionary<string, string>
{
{ "resource", "https://graph.microsoft.com" },
{ "grant_type", "password" },
{ "client_id", CleintId },
{ "client_secret", Secret },
{ "username", Username },
{ "password", Password },
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new FormUrlEncodedContent(values)
};
//request.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
var response = await client.SendAsync(request);
var responseString = await response.Content.ReadAsStringAsync();
and this:
var url = $"https://login.microsoftonline.com/{TenantId}/oauth2/v2.0/token";
var values = new Dictionary<string, string>
{
{ "client_id", CleintId },
{ "scope", "https://graph.microsoft.com/user.read" },
{ "username", Username },
{ "password", Password },
{ "grant_type", "password" },
{ "client_secret", Secret },
};
var content = new FormUrlEncodedContent(values);
var response = await client.PostAsync(url, content);
var responseString = await response.Content.ReadAsStringAsync();
I always get AADSTS50126: Error validating credentials due to invalid username or password.
In any case, the password is correct, I am able to log in using 1-WebApp-OIDC/1-5-B2C example.
I have registered two different application, one for 1-WebApp-OIDC/1-5-B2C and one for console-up-v2
What do I miss?
I took also a look to this guide but no idea about TrustFrameworkExtensions.xml and where to find it.
EDIT:
I tried followings:
var url = $"https://{TenantName}.b2clogin.com/{TenantName}.onmicrosoft.com/B2C_1_{ROPC_UserFlow}/oauth2/v2.0/authorize";
var values = new Dictionary<string, string>
{
{ "username", Username },
{ "password", Password },
{ "grant_type", "password" },
{ "scope", $"openid {ClientId} offline_access" },
{ "client_id", ClientId },
{ "response_type", "token id_token" },
};
var request = new HttpRequestMessage(HttpMethod.Post, url)
{
Content = new FormUrlEncodedContent(values)
};
var response = await client.SendAsync(request);
var responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
Get:
var CONTENT = {"contact-none":"Your administrator hasn't provided any contact details.","contact-number-label":"Telephone","contact-email-label":"Email","error-title":"Sorry, but we're having trouble signing you in.","error-help":"We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again."};