Invalid grant error when using identity + flask + b2c

[guushoekman]

I have a flask app where I want to allow users to sign in using B2C. I'm using the following code:

import os
from identity.flask import Auth
from flask import Flask

app = Flask(__name__)

app.config.update(
    SESSION_TYPE="filesystem",
)

auth = Auth(
    app,
    os.getenv('CLIENT_ID'),
    client_credential=os.getenv('CLIENT_SECRET'),
    b2c_tenant_name="some_tenant_name",
    redirect_uri="https://some.domain.com/auth/redirect",
    b2c_signup_signin_user_flow="name_of_user_flow"
    )

@app.route("/")
@auth.login_required
def index(*, context):
    try:
        user = context['user']
        return str(user)
    except Exception as e:
        return str(e)

Unfortunately I get the following error:

Login Failure - invalid_grant
AADB2C90085: The service has encountered an internal error. Please reauthenticate and try again

I've checked all the settings in Azure and the redirect uri, tenant name, etc all seem to be correct. The code is basically directly from the example in the documentation and I don't see any errors there either.

Any idea what this could be?

[rayluo]

It seems like your app was implemented correctly. That error code was emitted from the service side. Perhaps you can search that error and go from there? For example, this post seems relevant. https://learn.microsoft.com/en-us/answers/questions/1055427/aadb2c90085-cant-obtain-token-with-client-credenti

[guushoekman]

Thank you so much for the quick reply Ray, I really appreciate it. It turned out I was using the wrong client_secret in my environment variables. The error message regarding an invalid grant confused me, but it turned out to be as simple as fixing the client secret. No more issues now, library works great! ☺️