Forum Discussion
Invalid issuer o signature error in SPO Provider-Hosted AddIns
Same here. We managed to work around the error by specifying a HostedAppHostNameOverride app setting in our Application Settings. We found out that in TokenHelper's CreateAcsClientContextForUrl the call to OperationContext.Current.IncomingMessageHeaders.To.Host resolved in the wrong Host Name. In our case we expected ourapplication.azurewebsites.net but only ourapplication was returned.
- Slawomir BrykMar 08, 2018Copper Contributor
Having the same issue.
Indeed, putting the HostedAppHostNameOverride approach seems to be working as a temporary workaround.
- Rajat chauhanMar 09, 2018Copper Contributor
Hello, I tried putting HostedAppHostNameOverride below Client Id and Client Secret tags in Web. Config file. But it didn't work as expected. List is still unable to trigger remote event receivers. Please advice.
- Slawomir BrykMar 09, 2018Copper Contributor
Hello Rajat,
It did work for me, even for remote event receivers (at least the one being triggered when the add-in is being uninstalled).
The basic rule is to make sure that this value contains the text that is displayed to you in the error message "(...) is not the intended audience <important_text>". So you take the important_text value from your log message, strip if from the part before the "/" sign and the part after the "@" sign (see the content of TokenHelper.GetFormattedPrincipal method for details on what is going on there), and put it in the HostedAppHostNameOverride.
Also, as you've probably seen, the HostedAppHostNameOverride parameter can be a semicolon-separated-value, so you can put several values there.
Hope this helps.