Update to Admin Center 1.5.23.12.09001

Copper Contributor

Hello together,

after last update I get the message "AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption."

The admin center is registered in Azure. URi has migrated to SPA as recommended by the notice. Windows domain login works and Azure MFA fails after successful login with said error. When I switch the Uri to Web, the problem doesn't occur. First when I want to connect via configuration accounts to the Azure account get a different error message "AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type"

 

Does anyone else have the problem ? 

4 Replies

Yes it seems to affect people that use Azure registration with MFA enabled. 

Try to unregister and register again using the same app is (Note it)

 

If this doesn't help unregister and delete the app via Entra business applications remove Filter search for Admin Center. 

 

Make sure this is 2311 release not the preview anymore. The preview had that issue. 

Hello,

I installed the update via the admin center on 18.12.2023.
I deleted the app and set it up again. Once directly in Azure and then again via the admin center.
I can only log in with MFA if the app is set up with WEB and not as a SPA.
However, if I then try to log in to my Azure account under the settings, the following message comes up

Type
Error

Message
9002326 - [2024-01-05 11:19:33Z]: AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. Request origin: 

ok please contact Microsoft Azure Support then, they are responsible for Windows Admin Center.
Also consider to open a feedback on aka.ms/wacfeedback. I am quite sure i have the same issues with WAC and onboarding to Azure when protected with MFA.

Now its working for me. After a lot of try+errors i delete the App and create a new one (Regsitration).
I create it as WPA and ID Token enabled. SPA still do not work. At the first login an extension was installed. Maybe something changed by MS.