When using NextJS, choose "Web" in App registration/Platform configuration Microsoft Entra ID Admin center #12400
Comments
jonaddams
added
the
triage
|
|
|
same I got same error
|
|
I also get the same error and have set it as web. |
I'm experiencing the same issue with the JWT error when using Microsoft Entra ID with Next.js configured as an SPA. But I would prefer to keep using SPA due to my application's architecture. Could the documentation be updated to provide a solution or workaround for those of us who need to use SPA? Any guidance or updates on this would be greatly appreciated. Thank you! |
|
The fix for me in V5 beta was to ensure the following: Make sure you ask for openid and have this configured on the API permissions tab of your Entra ID app. MicrosoftEntraID({
clientId: process.env.AUTH_MICROSOFT_ENTRA_ID_ID,
clientSecret: process.env.AUTH_MICROSOFT_ENTRA_ID_SECRET,
issuer: process.env.AUTH_MICROSOFT_ENTRA_ID_ISSUER,
authorization: {
params: {
scope: 'openid profile email' // make sure you ask for openid
}
}
})
Make sure you have the Redirect url set in Web not SPA mode, you can set local and remote: Then in my env i set:
|
What is the improvement or update you wish to see?
In the Microsoft Entra ID for Next JS documentation, it should specify to choose "Web" in the "App registration/Platform configurations" section (not "SPA", which most would likely choose for a Next app). The token sent is different for Web vs SPA and if SPA is chosen, you will get an error:
"JWTInvalid: JWTs must use Compact JWS serialization, JWT must be a string"
Is there any context that might help us understand?
I was getting the same error as the issue below, which helped me resolve the issue.
#12187
Does the docs page already exist? Please link to it.
https://authjs.dev/getting-started/providers/microsoft-entra-id
The text was updated successfully, but these errors were encountered: