Swaggerbuckle with AAD --Error AADSTS500013: Resource identifier is not provided

aadsts500013: resource identifier is not provided. postman
invalid_resource
invalid_resource error_description aadsts500013 resource identifier is not provided
error'':invalid_resource
oauth resource identifier is not provided
azure ad scopes
his scenario is supported only if resource is specified using the guid based app identifier
aadb2c90057: the provided application is not configured to allow the oauth implicit flow

I'm trying to use AzureAD to get a token in swagger and test my .netCore2.1 API with it.(using Swashbuckle.AspNetCore 4.0.1)

To do this I completed the following steps

1. Created a Web API project(asp.net Core2.1)
2. Register an Azure AD (AAD) app for the Web API
3. Updated the Web API project to use Azure AD authentication
4. Register an AAD app for the Swagger web site          https://localhost:5001/swagger
5. Granted permissions for the Swagger AAD app to access the Web API AAD app
6. Generated a Client Secret for the Swagger AAD app
7. Enabled OAuth2 implicit flow on the Swagger AAD app
8. Added Swagger to the Web API project

When I authenticate, I am getting the following error.

Error AADSTS500013: Resource identifier is not provided .

When I click authorize

I am getting error AADSTS500013: Resource identifier is not provided.

My WebAPI project's startup.cs file goes here

Please help me understand which resource Identifier I am missing here or how to resolve this error.

Or any pointers on how to use Swaggerbuckle with ASP.NET Core webAPI, especially with AAD authenticated WebAPI ?

UPDATES

I copied my webAPI's APPID URI from azure portal. ie Dashboard>>Microsoft - App registrations>>MY_API_APP>>Settings>>Properties>>App ID URI

But I am still getting the same error when I try to authenticate

Error AADSTS500013: Resource identifier is not provided

Usually resource identifier which uniquely identifies your application. You can easily found your resource Identifier Like below:

When logged into the Azure portal, Azure Active Directory > App Registrations > [App Name] > Settings> Properties, then it's the App ID URI

See the screen shot:

In the orignal OAuth 2.0 specification, there is no resource parameter in the authorization request. It use scope parameter. The authorization and token endpoints allow the client to specify the scope of the access request using the "scope" request parameter.

As document explains, when Azure AD implement the OAuth 2.0(1.0 endpoint), the resource is used to specify the access_token you request for which resource. And the Azure AD will issue the token which the scp based on the permission you config on the portal for the resource.

And in the v2.0 endpoint, the Azure AD also use the scope to support the dynamic permission request. More detail you can have a look here.

Usual Reason for Error

Make sure you have configured below steps accordingly. Like below:

Application Manifest

Reply URI

Request Endpoint

For V1.0 refer this URI https://login.microsoft.com//oauth2/authorize

For V2.0 refer this URI https://login.microsoft.com//oauth2/v2.0/authorize

Application Consent

Need to confirm your application required resource access permission you could refer here

I believe this step can lead you to sort out your problem.

Azure AD Resource identifier is not provided � Issue #624 , When trying to use this with Azure AD I'm reaching a dead end when trying to get a Azure AD Resource identifier is not provided #624 before sending so I'm stuck with the AADSTS50001: Resource identifier is not provided error You're right -- resource is not part of the spec and Microsoft made it up. Teams. Q&A for Work. Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information.

With Azure AD V1.0 app you need set resource to identify which api you want to access during the authentication&access token requests :

Code flow :

https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code

Implicit flow :

https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-implicit-grant-flow

In Swashbuckle.AspNetCore 4.0.1 , you need to config the resource as parameter if you want to get access token for accessing your web api :

app.UseSwaggerUI(options =>
        {
            options.SwaggerEndpoint("/swagger/v1/swagger.json", "MySite API V1");
            options.OAuthClientId("19c73866-562f-482a-bafb-89d9fe9b0aaa");
            options.OAuthAppName("Swagger Api Calls");

            // add resource 
            options.OAuthAdditionalQueryStringParams(new Dictionary<string, string>() { { "resource", "f479db30-9b62-431b-98c2-bcaae52203cf" } });
        });

OAuth2 and Azure Active Directory, Azure Active Directory, I get the response: "error":"invalid_resource"," error_description":"AADSTS50001: Resource identifier is not provided. Teams. Q&A for Work. Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information.

For us Nan Yu's response got us one step closer. We added the resource in the AdditionalQuerystringParams like so:

options.OAuthAdditionalQueryStringParams(new Dictionary<string, string>() { { "resource", "{ResourceIDHere}" } });

We are now able to get passed the Auth step in Swagger, but trying routes out doesn't seem to pass the token to the api called and so we get a 401 Error.

带有AAD的Swaggerbuckle-错误AADSTS500013:未 , Swaggerbuckle with AAD --Error AADSTS500013: Resource identifier is not provided. 发表于 2019-03-13 22:55:07. 活跃于 2019-07-05 07:39:30. 查看792 次. Stack Overflow Public questions and answers; Teams Private questions and answers for your team; Enterprise Private self-hosted questions and answers for your enterprise; Jobs Programming and related technical career opportunities

change { "scope", API_AppID_URI} to { "resource", API_AppID_URI}

azure-active-directory - java, Swaggerbuckle with AAD --Error AADSTS500013: Resource identifier is not provided � Azure AD Enterprise App SAML configuration � Add members to Azure � Stack Overflow Public questions and answers; Teams Private questions and answers for your team; Enterprise Private self-hosted questions and answers for your enterprise; Jobs Programming and related technical career opportunities

Authentication Problem With Microsoft Azure Application, AADSTS50001: Resource identifier is not provided. Trace ID: 97378427-3353- 4c40-98f8-7b891bb20efb. Correlation ID: 962eb81d-bfeb-4f2a-�

Access Secured Azure Web API from Postman with OAuth 2.0 , This application Id will be used as resource id and client id when This error comes when supplied client_secret is not same as AADSTS50001: Resource identifier is not provided. Securing a web API with Azure AD�

Identity Manager 8.0.1, There is not a technical support engineer currently available to respond to your Error. "invalid_resource. AADSTS50001: Resource identifier is not provided.

Comments
  • @abhi check out this step you might found the workaround.
  • @abhi it would be more helpful if you update your question step that you have done so far then problem can be easily figured out.
  • I updated my question with the steps I followed from start till now