Sharepoint on prem one drive and authentication issue

Hamza Ashraf 20 Reputation points
2024-10-10T11:37:24.0533333+00:00

Scenario :

We have a SharePoint On-prem setup in our organization, We are trying to authenticate our users through EntraID and have setup OIDC using the following documentation https://learn.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/set-up-oidc-auth-in-sharepoint-server-with-msaad

 

In this environment we need a one drive setup as well. We have followed

https://learn.microsoft.com/de-de/sharepoint/sites/set-up-onedrive-for-business#verify-that-onedrive-is-available-to-your-users

and can see one drive appearing on MySites. But when we try to launch t gets stuck in the “We’re setting things up page”

 

Secondly the SharePoint api’s sends back an 401 unauthorized error when we try to use Outh2.0 (Have successfully generated the bearer token )

 

ERROR : Signature validation failed. Unable to resolve SecurityKeyIdentifier: 'SecurityKeyIdentifier

    (

    IsReadOnly = False,

    Count = 2,

    Clause[0] = X509ThumbprintKeyIdentifierClause(Hash = 0x31CEE5DC8CFDDE0EEEC2035E15435B0FD66063E4A),

    Clause[1] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause

    )

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,289 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,623 questions
{count} votes

Accepted answer
  1. RaytheonXie_MSFT 36,411 Reputation points Microsoft Vendor
    2024-10-11T08:49:32.52+00:00

    Hi @Hamza Ashraf,

    From the error message, you could try to add an x509 Security key or credentials. Please refer to following document

    Granting access via Azure AD App-Only


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 additional answer

Sort by: Most helpful
  1. Hamza Ashraf 20 Reputation points
    2024-10-16T05:00:00.46+00:00

    Subject: Thumbprint Validation Issue with OIDC in Postman

    We are encountering a thumbprint validation error while implementing OpenID Connect (OIDC) authentication using Postman. Despite providing the correct certificate thumbprint, client ID, and secret, the token validation process fails due to a thumbprint mismatch. We have verified the certificate thumbprint using the .well-known/openid-configuration endpoint and confirmed that our configurations align with the settings of our identity provider (Azure AD).

    We are using the RS256 signing algorithm, and the token's key ID appears to match one of the keys in the JWK set. However, the thumbprint validation still fails during the token issuance process. Could you please assist in identifying the cause of this issue and provide guidance on how to resolve the thumbprint mismatch? Thank you for your help.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.