Question 💬
Hello next-auth Community, I use a custom OAuth provider for Microsoft Active Directory Federation Services Server (ADFS), but I cannot get it to work. I can authenticate successfully on ADFS, but as soon as I receive the authorization code from ADFS, next-auth logs the following error:
My ADFS setup seems to be working: When I use Postman to send the authorize and token request, I can retrieve the access_token, refresh_token and id_token. Additionally, if I open Chrome developer tools, I can see that next-auth receives the callback:
If it is relevant, an id_token from ADFS looks like this:
{
"aud": "c8127e8e-43ec-4e8c-ab3e-9d4718075fd1",
"iss": "https://sts.example.com/adfs",
"iat": 1671476232,
"nbf": 1671476232,
"exp": 1671479832,
"auth_time": 1671474797,
"sub": "gPASKeGLBapDlSV4LiaigF8J99krljM7sj2itIJJaIU=",
"upn": "[email protected]",
"unique_name": "DOMAINNAME\\user",
"sid": "S-1-5-21-5684951274-1976985762-2170326571-10803",
"given_name": "user",
"family_name": "lastname",
"apptype": "Confidential",
"appid": "c8127e8e-43ec-4e8c-ab3e-9d4718075fd1",
"authmethod": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
"ver": "1.0"
}
How do I troubleshoot this issue?
How to reproduce ☕️
Contributing 🙌🏽
No, I am afraid I cannot help regarding this
-
Any idea somebody?
-
In case anybody gets into the same issue: I was able to fix it by using "type: 'oidc'" instead of "type: 'oauth'". Here is my working example:
-
I thought type had to be a supported type: "Credentials, OAuth, etc", so wouldn't simply changing that to 'oidc' hide it in the login form?
-
I just got the same error, but with the Facebook provider, using Auth.js V5. There is no setting to use "OIDC", as the default type is "OAUTH". Even when I try to log in to Facebook with https://next-auth-example.vercel.app/server-example, it does not return the session data.