Forum Discussion
WAC Build 2311 in HA Not Authenticating w/ Entra AD Properly
Have a fresh install of WAC Build 2311 in HA, with Entra authentication enabled. When I try to log in as a domain user that does not have administrative privileges on the WAC gateways (but still falls under a regular User), I receive this error:
Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.
The user is listed in a group with the role Gateway User in Entra.
This doesnt seem to have been a problem with the previous build before 2311.
I am able to log in with my admin account that is a Gateway Administrator (that is also in the local Administrators group).
- ez12aCopper Contributor
Just tested by rolling back to a fresh install of Build 2306 and it does not have the same issue.
I noticed some warning on Build 2311 about migrating to SPA when configuring the integration with Entra and also tried following the steps to migrate to SPA and got the same error in this thread when trying to login with a normal user account: https://techcommunity.microsoft.com/t5/windows-admin-center/update-to-admin-center-1-5-23-12-09001/m-p/4013640
Seems like Build 2311 with Entra integration for 2FA is still not fully supported. I will have to roll back to Build 2306.- Rebecca_WambuaMicrosoftHi, Thank you for the feedback and sorry about this issue. We are currently conducting an investigation into our identity model and RBAC. Please bear with us on this as we aim to improve this experience.
- GeoffryFaulknerCopper Contributor
Rebecca_Wambua It has been a month since the last response and I am still unable to login to Windows Admin Center. Has a cause been found? A workaround or solution?
Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.
- DrSleezCopper Contributor
Also run into this issue. Somebody got any updates?
- YvesGutSTSCopper ContributorHello everyone, I have the same problem. I am using Windows Admin Center 2311 with EntraID authentication enabled. The redirect URLs are fine, and ID tokens are used (Hybrid Flow) and my wac users are listed in a group with the role Gateway User in Entra. But I always get the message:
Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.
I have also used Azure's Sign-in Diagnostic, which states that:
"The user sign-in failed due to application configuration issues. The reply URL does not match the reply URLs configured for the application {appName}. Make sure the reply URL sent in the request matches one added to your application in the Azure portal."
...no matter what I configure. Is there any news about this issue ? - JE-OFVCopper Contributor
Found a solution to the problem?
- GeoffryFaulknerCopper ContributorUse incognito browser mode until the problem is resolved. Crazy it has gone on this long without a solution.
- toomassulsCopper ContributorThere still is no Fix for it?
Had to do rollback myself to get it working again (2306 works fine) but 2311 does not even in incognito it gives this error.
Searching around i do not see any bug tracker to WAC aswell