KB-2337 OpenID Connect and Azure AD B2C authentication configuration not returning access token

pauline.delacruz — Mon, 28 Apr 2025 20:56:18 GMT

Current Revision posted to Appian Knowledge Base by pauline.delacruz on 4/28/2025 8:56:18 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown in tomcat-stdOut.log:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc
java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required as a scope in order to receive an access token.

Action

Written as a list of scopes separated by a singular space, add the Client ID to the list of scopes in the OpenID Connect configuration (ex: "openid xxxxx").

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: April 2025

Tags: database, integration, authentication

[DRAFT SUPP-410] OpenID Connect and Azure AD B2C authentication configuration not returning access token

pauline.delacruz — Thu, 20 Mar 2025 15:54:19 GMT

Revision 6 posted to Appian Knowledge Base by pauline.delacruz on 3/20/2025 3:54:19 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown in tomcat-stdOut.log:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc
java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required as a scope in order to receive an access token.

Action

Written as a list of scopes separated by a singular space, add the Client ID to the list of scopes in the OpenID Connect configuration (ex: "openid xxxxx").

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: March 2025

[DRAFT SUPP-410] OpenID Connect and Azure AD B2C authentication configuration not returning access token

Genna Schwarz — Tue, 03 Sep 2024 18:56:29 GMT

Revision 5 posted to Appian Knowledge Base by Genna Schwarz on 9/3/2024 6:56:29 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc
java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required as a scope in order to receive an access token.

Action

Written as a list of scopes separated by a singular space, add the Client ID to the list of scopes in the OpenID Connect configuration (ex: "openid xxxxx").

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2024

[DRAFT SUPP-410] OpenID Connect and Azure AD B2C authentication configuration not returning access token

Genna Schwarz — Thu, 29 Aug 2024 22:16:49 GMT

Revision 4 posted to Appian Knowledge Base by Genna Schwarz on 8/29/2024 10:16:49 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc
java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required as a scope in order to receive an a access token.

Action

Separated by a space from the "openid" scope, add the Client ID to the list of scopes in the OpenID Connect configurations.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2024

[DRAFT] OpenID Connect and Azure AD B2C authentication configuration not returning access token

Genna Schwarz — Thu, 29 Aug 2024 22:15:55 GMT

Revision 3 posted to Appian Knowledge Base by Genna Schwarz on 8/29/2024 10:15:55 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc
java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required as a scope in order to receive an a access token.

Action

Separated by a space from the "openid" scope, add the Client ID to the list of scopes in the OpenID Connect configurations.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2024

[DRAFT] OpenID Connect and Azure AD B2C authentication configuration not returning access token

Genna Schwarz — Thu, 29 Aug 2024 22:13:00 GMT

Revision 2 posted to Appian Knowledge Base by Genna Schwarz on 8/29/2024 10:13:00 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown:

2024-08-02 18:12:11,788 [http-nio-8080-exec-605] ERROR com.appiancorp.security.auth.oidc.OidcAuthCodeManagerImpl - Unexpected exception during OIDC authentication, registrationId: oidc java.util.concurrent.ExecutionException: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json;charset=utf-8]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenValue cannot be empty; nested exception is java.lang.IllegalArgumentException: tokenValue cannot be empty

Cause

Azure AD B2C documentation states the Client ID is required in the scope in order to receive an a access token.

Action

Separated by a space from the "openid" scope, add the Client ID to the list of scopes in the OpenID Connect configurations.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2024

OpenID Connect and Azure AD B2C authentication configuration not returning access token

Genna Schwarz — Thu, 29 Aug 2024 22:12:27 GMT

Revision 1 posted to Appian Knowledge Base by Genna Schwarz on 8/29/2024 10:12:27 PM

Symptoms

When testing OpenID Connect and Azure Active Directory B2C authentication, the following error is thrown:

Cause

Azure AD B2C documentation states the Client ID is required in the scope in order to receive an a access token.

Action

Separated by a space from the "openid" scope, add the Client ID to the list of scopes in the OpenID Connect configurations.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2024