WaqasZaheer-1253 asked alfredorevilla-msft commented

Randomly occurring Unable to retrieve document from: '[PII is hidden]'

I came across many questions and answers but could not understand them or find a solution, as my case is a bit different. I am using Azure with OpenID Connect for Active Directory authentication (ASP.NET Framework 4.6.1).

It had been working fine for years, but the day before yesterday this error occurred for only about 1 hour. The error occurred when trying to do AD authentication.

Exception Message: IDX20803: Unable to obtain configuration from: '[PII is hidden]'.
Inner Exception: System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 400 (Bad Request).

StackTrace: System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden]'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 400 (Bad Request).


During this time, local authentication and the rest of the application were working fine. After 1 hour the issue resolved automatically. The same happened yesterday: the issue occurred for 1 hour and resolved automatically.

Other solutions suggest setting IdentityModelEventSource.ShowPII = true; but I don't think it requires code modification.
Please guide me on what can be the reason that this happens for only a short time.
Note: this is happening on only one server; all applications on other servers are working fine.

Thanks in advance

dotnet-aspnet-mvc azure-ad-openid-connect

1 Answer

alfredorevilla-msft answered alfredorevilla-msft commented

Hello @waqaszaheer-1253, usually this is caused by a malformed OpenID Connect metadata document URL. IdentityModelEventSource.ShowPII is pretty useful for that purpose. Alternatively, you can collect a network trace with Fiddler and find the malformed call.



Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.

Thank you @alfredorevilla-msft. I applied two things: one is, as you said, IdentityModelEventSource.ShowPII = true,
and the other is System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
and it worked.

0 Votes 0 ·

That's great! Let me know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.

Thank you!

0 Votes 0 ·
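
An added example, not code from anyone in this thread: a small console probe to run on the affected server that applies the two settings discussed above and then fetches the metadata document, so the HTTP status, response body and un-redacted URL are visible. The class name `OidcMetadataProbe` and the `<tenant-id>` URL are placeholders; use the metadata address your application is configured with.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Threading;
using Microsoft.IdentityModel.Logging;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

static class OidcMetadataProbe
{
    // Placeholder: substitute the metadata address your app is configured with.
    const string MetadataAddress =
        "https://login.microsoftonline.com/<tenant-id>/v2.0/.well-known/openid-configuration";

    static int Main()
    {
        // ShowPII puts the real URL into IDX20803/IDX20804 messages instead of
        // '[PII is hidden]'. Turn it off again after diagnosis to keep URLs out of logs.
        IdentityModelEventSource.ShowPII = true;
        // The thread assigned Tls12 outright; OR-ing adds it to what the host already allows.
        ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
        try
        {
            // Raw fetch first: exposes the status code and body that IDX20804 wraps.
            using (var http = new HttpClient())
            {
                var resp = http.GetAsync(MetadataAddress).GetAwaiter().GetResult();
                var body = resp.Content.ReadAsStringAsync().GetAwaiter().GetResult();
                Console.WriteLine("HTTP {0} (protocols: {1})",
                    (int)resp.StatusCode, ServicePointManager.SecurityProtocol);
                if (!resp.IsSuccessStatusCode) { Console.WriteLine(body); return 1; }
            }
            // The IdentityModel retrieval that raises IDX20803/IDX20804 on failure.
            var manager = new ConfigurationManager<OpenIdConnectConfiguration>(
                MetadataAddress, new OpenIdConnectConfigurationRetriever());
            var config = manager.GetConfigurationAsync(CancellationToken.None).GetAwaiter().GetResult();
            Console.WriteLine("issuer={0} signingKeys={1}", config.Issuer, config.SigningKeys.Count);
            return 0;
        }
        catch (Exception ex)
        {
            // Walk the chain: TLS or proxy failures usually sit in an inner exception.
            for (var e = ex; e != null; e = e.InnerException)
                Console.WriteLine("{0}: {1}", e.GetType().Name, e.Message);
            return 2;
        }
    }
}
```

Running it on the failing server and on a healthy one, and comparing the printed protocol set and status code, shows whether the difference is in the URL or in the TLS negotiation.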