Unable to fetch metadata
Nikko-Foti opened this issue · 13 comments
Hi,
I am working on configuring passport-azure-ad to verify a JWT that is being sent via a front-end service to my API. Unfortunately, I keep getting these errors:
Cannot get AAD Federation metadata from endpoint you specified https: ...
AND
authentication failed due to: In loadMetadata: Unable to fetch metadata
I followed the example here very closely and am using the exact BearerStrategy configuration options that were provided to me.
Has anyone else had this error?
I'm coming up against the same issues - did you manage to get anywhere with them @Nikko-Foti?
@Nikko-Foti @ed-parry Can you add one line to log the error after line 520 of bearstrategy.js? For example something like console.log(fetchMetadataError)
and let me know the error message?
Hey guys,
I also had the Unable to fetch metadata Error. In my case it was due to the enterprise proxies. However I haven't found a solution yet to avoid it. Hope that helps you.
I just ran into this thread because I had the same error in my logs. For me, the resolution was to make sure the policy name aligned with the one I defined in the Azure portal.
I'm running into this problem as well, but with the OIDCStrategy. My policy name aligns. It's not a proxy issue like @HofmT, I've tried on multiple networks. I'm using a B2C tenant.
What's the policy name? I ran into the same problem.
Ensure that the policy name starts with b2c_1_ in lowercase only. The rest may be mixed case.
If you're following the documentation here (https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp), and you're like me and follow the docs completely, you'll get this error.
The problem is in the //TODO: Update the first 3 variables section. The documentation tells you to change:
var tenantID = ".onmicrosoft.com";
var clientID = "<Application ID for your Node.js Web API - found on Properties page in Azure portal>";
var policyName = "<Name of your sign in / sign up policy, e.g. B2C_1_SiUpIn>";
It doesn't mention the line above those 3 which has tenantName which you have to modify and ignore the tenantID = your-tenant-name.onmicrosoft.com portion in the docs, just leave it how it is and add your tenant name to the tenantName var or delete the tenantName + value.
@Nikko-Foti @ed-parry @HofmT @danistrebel @mattschroed This sample should be working consistently now.
Issue is resolved. Closing this.
Hello, I have the same issue!! What should I do!! I have verified all params!
404 Cannot get AAD Federation metadata ...
Hi @ChamseddineBhd, can you please give more details? Are you using the most recent version of the sample? Can you paste your config.js file here (masking the sensitive information)? Thanks
Hello, I had the same issue. The thing that solved it for me: in the identityMetadata, instead of using https://login.microsoftonline.com/your_tenant_name.onmicrosoft.com/v2.0/.well-known/openid-configuration
use the same string but without .onmicrosoft.com
@alexkrytsky this string (identityMetadata) should match the Azure AD B2C OpenID Connect Metadata document in your App registration > Endpoints tab
In config.js, if you have only entered the name of your tenant (without .onmicrosoft.com), it should work as intended. But feel free to open a new issue and share your app config there.
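The configuration causes reported in this thread (policy prefix case, leftover sample placeholders, the tenant segment of identityMetadata) can be checked before the strategy is constructed. The following is an added example, not part of the thread or of passport-azure-ad; `lintB2CConfig`, its finding codes and the tenant name `example-tenant` are hypothetical.

```javascript
// Added example, not passport-azure-ad code; function name and finding codes are hypothetical.
// It only inspects the two option strings and makes no network call.
function lintB2CConfig({ identityMetadata = "", policyName = "" }) {
  const findings = [];
  const add = (code, message) => findings.push({ code, message });
  // Sample placeholders such as "<Name of your sign in / sign up policy ...>" left in place.
  if (/[<>]/.test(identityMetadata + policyName)) {
    add("placeholder", "angle-bracket placeholder text from the sample is still present");
  }
  // Thread: the prefix must be lowercase "b2c_1_"; the rest may be mixed case.
  if (/^b2c_1_/i.test(policyName) && !policyName.startsWith("b2c_1_")) {
    add("policy-prefix-case", 'policyName prefix must be lowercase "b2c_1_"');
  } else if (!policyName.startsWith("b2c_1_")) {
    add("policy-prefix-missing", 'policyName does not start with "b2c_1_"');
  }
  let url;
  try {
    url = new URL(identityMetadata);
  } catch (err) {
    add("metadata-url-invalid", "identityMetadata is not an absolute URL");
    return findings;
  }
  if (url.protocol !== "https:") {
    add("metadata-not-https", "identityMetadata is not an https URL");
  }
  if (!url.pathname.endsWith("/.well-known/openid-configuration")) {
    add("metadata-path", "URL does not end in /.well-known/openid-configuration");
  }
  // First path segment is the tenant in the URL form quoted in the thread.
  const tenant = url.pathname.split("/")[1] || "";
  if (tenant === "" || tenant.startsWith(".")) {
    add("tenant-empty", "tenant name is missing from the URL");
  } else if (tenant.toLowerCase().endsWith(".onmicrosoft.com")) {
    add("tenant-suffix", "tenant includes .onmicrosoft.com; compare with the Endpoints tab");
  }
  return findings;
}

// Constructed sample config (example-tenant is a made-up tenant name).
const sampleFindings = lintB2CConfig({
  identityMetadata: "https://login.microsoftonline.com/example-tenant.onmicrosoft.com/v2.0/.well-known/openid-configuration",
  policyName: "B2C_1_SiUpIn",
});
console.log(sampleFindings.map((f) => f.code));
```

A `tenant-suffix` finding is a prompt to compare the URL with the metadata document shown in the app registration, not proof that the value is wrong.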