cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
NathanInglis
Frequent Visitor

OAuth 2.0 implicit grant flow token endpoint issues

Hi,

 

I am having an issue with hitting the token and authorization endpoints for OAuth 2.0 Implicit grant flow. This has been working previously to get the token in all environments. The Environments that were being used are DEV, TEST, UAT and PROD.

 

As of about a week ago this functionality completely stopped working in TEST and UAT. It is still working in DEV and PROD.

 

We are currently experiencing a issue with TEST and UAT where any request for the public key using the URL {portal url}/_services/auth/publickey results in the error message,


{"ErrorId":"PortalSTS0018","ErrorMessage":"The Implicit Grant certificate was not found. Please upload it from the Admin Centre. ","Timestamp":"9/6/2022 8:54:49 AM","CorrelationId":"cc80656b-65f0-4e1b-9c9b-ac9aee870647"}

 

Also when requesting the token using {portal url}/_services/auth/token using a GET results in a Http 404 Not Found error or when using a POST a 403 Forbidden error.

 

We are not currently using custom certificates.

 

I have noticed that in the upcoming deprecations for the portal this is listed Important upcoming changes and deprecations in Power Apps portals - Power Apps | Microsoft Docs.

NathanInglis_0-1662525604215.png

 

I was wondering if anybody has a resolution for this issue, any help would be much appreciated.

 

1 ACCEPTED SOLUTION

Accepted Solutions
eugenevanstaden
Resolver III
Resolver III
9 REPLIES 9
eugenevanstaden
Resolver III
Resolver III

Thanks @eugenevanstaden, I will give this a try and see if it resolves my issue.

 

Do you know exactly what the route cause of this functionality changing is?

eugenevanstaden
Resolver III
Resolver III

@NathanInglis 

the GET action to get the token will be deprecated but then it seems the Certificate requirement was included in the last portal update. 

NathanInglis
Frequent Visitor

@eugenevanstaden 

 

Do you have any idea why it might still be working in some environments?

eugenevanstaden
Resolver III
Resolver III

@NathanInglis 

Can you check the portal version of the environments that do work - could be that theyve not been upgraded.


NathanInglis
Frequent Visitor

@eugenevanstaden 

 

Yes I initially though that this might be the case too. However, I can confirm that all of the portals are running on 9.4.8.59.

 

NathanInglis
Frequent Visitor

@eugenevanstaden 

 

Are you able to hit the {portal url}/_services/auth/publickey without authentication since the update?

Would you provide more details about the custom certificate you created?  All of the documentation mentions creating a custom certificate, but there are no details on what the certificate should contain.  Is the CN your portal URL?  

eugenevanstaden
Resolver III
Resolver III

@backpackerjk 

Documentation: https://docs.microsoft.com/en-us/power-apps/maker/portals/admin/manage-custom-certificates

You cant add a self signed cert and need to get one from a trusted authority. I created a single certificate pca.mydomain.com (replace with you domain - pca is my standard term for Portal Companion App).

I used this certificate in all my portal environments dev all the way to prod. This works regardless if your portal is on powerappsportals.com domain. 

Helpful resources

Announcements
Microsoft 365 Conference – December 6-8, 2022

Microsoft 365 Conference – December 6-8, 2022

Join us in Las Vegas to experience community, incredible learning opportunities, and connections that will help grow skills, know-how, and more.

MPP IDEAS updated 768x460.png

Ideas

Discover ideas and concepts from users like you for how to use Power Pages and take your work to the next level.

Users online (5,112)