When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown in tomcat-stdOut.log:
2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty
Azure AD B2C documentation states the Client ID is required as a scope in order to receive an access token.
Written as a list of scopes separated by a singular space, add the Client ID to the list of scopes in the OpenID Connect configuration (ex: "openid xxxxx").
This article applies to all versions of Appian.
Last Reviewed: April 2025