✅ ASP.NET Core Environment Variables: missing Parameter "clientSecret" for EntraId

I want to authenticate Users with EntraId & call Downstream-APIs

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(azureAdConfig)
                .EnableTokenAcquisitionToCallDownstreamApi()
                .AddInMemoryTokenCaches();

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(azureAdConfig)
                .EnableTokenAcquisitionToCallDownstreamApi()
                .AddInMemoryTokenCaches();

However, I struggle to get my Environment Variables & Secrets working

Because this is running in a Container I use Environment Variables.
This works fine:

string instance = Environment.GetEnvironmentVariable("ENTRA_INSTANCE") ?? throw new Exception("Missing Environment Variable ENTRA_INSTANCE");
string clientId = Environment.GetEnvironmentVariable("ENTRA_CLIENT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_CLIENT_ID");
string tenantId = Environment.GetEnvironmentVariable("ENTRA_TENANT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_TENANT_ID");
string entraScope = Environment.GetEnvironmentVariable("ENTRA_SCOPES") ?? throw new Exception("Missing Environment Variable ENTRA_SCOPES");

string instance = Environment.GetEnvironmentVariable("ENTRA_INSTANCE") ?? throw new Exception("Missing Environment Variable ENTRA_INSTANCE");
string clientId = Environment.GetEnvironmentVariable("ENTRA_CLIENT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_CLIENT_ID");
string tenantId = Environment.GetEnvironmentVariable("ENTRA_TENANT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_TENANT_ID");
string entraScope = Environment.GetEnvironmentVariable("ENTRA_SCOPES") ?? throw new Exception("Missing Environment Variable ENTRA_SCOPES");

The Compose Secret is in the correct Path in the Container and i add it to config with:

builder.Configuration.AddKeyPerFile(directoryPath: "/run/secrets", optional: false);

builder.Configuration.AddKeyPerFile(directoryPath: "/run/secrets", optional: false);

But i have no idea how to get Auth to work. I have a workaround for the Config that works:

var azureAdConfig = new ConfigurationBuilder()
    .AddInMemoryCollection(new Dictionary<string, string>
    {
        {"AzureAd:Instance", instance},
        {"AzureAd:TenantId", tenantId},
        {"AzureAd:ClientId", clientId},
        {"AzureAd:Scopes", entraScope}  
    })
    .Build();
...
.AddMicrosoftIdentityWebApi(azureAdConfig)

var azureAdConfig = new ConfigurationBuilder()
    .AddInMemoryCollection(new Dictionary<string, string>
    {
        {"AzureAd:Instance", instance},
        {"AzureAd:TenantId", tenantId},
        {"AzureAd:ClientId", clientId},
        {"AzureAd:Scopes", entraScope}  
    })
    .Build();
...
.AddMicrosoftIdentityWebApi(azureAdConfig)

The secret however is not recognized. This error occurs on Request:

System.ArgumentNullException: Value cannot be null. (Parameter 'clientSecret')

System.ArgumentNullException: Value cannot be null. (Parameter 'clientSecret')

✅ ASP.NET Core Environment Variables: missing Parameter "clientSecret" for EntraId

I want to authenticate Users with EntraId & call Downstream-APIs

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(azureAdConfig)
                .EnableTokenAcquisitionToCallDownstreamApi()
                .AddInMemoryTokenCaches();

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(azureAdConfig)
                .EnableTokenAcquisitionToCallDownstreamApi()
                .AddInMemoryTokenCaches();

However, I struggle to get my Environment Variables & Secrets working

Because this is running in a Container I use Environment Variables.
This works fine:

string instance = Environment.GetEnvironmentVariable("ENTRA_INSTANCE") ?? throw new Exception("Missing Environment Variable ENTRA_INSTANCE");
string clientId = Environment.GetEnvironmentVariable("ENTRA_CLIENT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_CLIENT_ID");
string tenantId = Environment.GetEnvironmentVariable("ENTRA_TENANT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_TENANT_ID");
string entraScope = Environment.GetEnvironmentVariable("ENTRA_SCOPES") ?? throw new Exception("Missing Environment Variable ENTRA_SCOPES");

string instance = Environment.GetEnvironmentVariable("ENTRA_INSTANCE") ?? throw new Exception("Missing Environment Variable ENTRA_INSTANCE");
string clientId = Environment.GetEnvironmentVariable("ENTRA_CLIENT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_CLIENT_ID");
string tenantId = Environment.GetEnvironmentVariable("ENTRA_TENANT_ID") ?? throw new Exception("Missing Environment Variable ENTRA_TENANT_ID");
string entraScope = Environment.GetEnvironmentVariable("ENTRA_SCOPES") ?? throw new Exception("Missing Environment Variable ENTRA_SCOPES");

The Compose Secret is in the correct Path in the Container and i add it to config with:

builder.Configuration.AddKeyPerFile(directoryPath: "/run/secrets", optional: false);

builder.Configuration.AddKeyPerFile(directoryPath: "/run/secrets", optional: false);

But i have no idea how to get Auth to work. I have a workaround for the Config that works:

var azureAdConfig = new ConfigurationBuilder()
    .AddInMemoryCollection(new Dictionary<string, string>
    {
        {"AzureAd:Instance", instance},
        {"AzureAd:TenantId", tenantId},
        {"AzureAd:ClientId", clientId},
        {"AzureAd:Scopes", entraScope}  
    })
    .Build();
...
.AddMicrosoftIdentityWebApi(azureAdConfig)

var azureAdConfig = new ConfigurationBuilder()
    .AddInMemoryCollection(new Dictionary<string, string>
    {
        {"AzureAd:Instance", instance},
        {"AzureAd:TenantId", tenantId},
        {"AzureAd:ClientId", clientId},
        {"AzureAd:Scopes", entraScope}  
    })
    .Build();
...
.AddMicrosoftIdentityWebApi(azureAdConfig)

The secret however is not recognized. This error occurs on Request:

System.ArgumentNullException: Value cannot be null. (Parameter 'clientSecret')

System.ArgumentNullException: Value cannot be null. (Parameter 'clientSecret')

✅ ASP.NET Core Environment Variables: missing Parameter "clientSecret" for EntraId

✅ ASP.NET Core Environment Variables: missing Parameter "clientSecret" for EntraId

Similar Threads

Similar Threads

Similar Threads