Forum Discussion

yoelh's avatar
yoelh
Icon for Microsoft rankMicrosoft
Mar 17, 2023

Azure AD B2C authorization code and refresh token size increase update

Update September 11, 2023: This post is irrelevant anymore   As part of ongoing security improvement efforts in Azure Active Directory (AAD), part of Microsoft Entra, Azure AD B2C will be rolling...
Azure AD B2C
hebboss's avatar
hebboss
Copper Contributor
Apr 19, 2023

yoelh 

For all those who encounter this issue on Azure web apps, we had to modify the web.config to override the request limits:
<requestFiltering>
    <requestLimits maxUrl="10999" maxQueryString="2097151" />
</requestFiltering>

For those who run a nodejs server under IIS, you will also need to increase the size of the http headers in the iisnode module:
<iisnode nodeProcessCommandLine="node.exe --max-http-header-size 81000"/>

  • nathanashton's avatar
    nathanashton
    Copper Contributor
    Apr 19, 2023

    hebboss Thanks for the details.

     

    We run Angular Apps through Azure App Services using Node.js. We seem to be suffering the same issue where the length of the query parameters exceeds some sort of limit.

     

    Any idea where we can bump this limit up with Node in App Services?

    Thanks

  • Rohn_Adams's avatar
    Rohn_Adams
    Copper Contributor
    Apr 20, 2023
    We seem to be having the same issue for React Apps through Azure App Services using Node.js. Adding your suggested <requestFiltering> and <issnode> elements did not resolve the issue.

Resources