Next.js Discord

Discord Forum

Access token saved in database by prisma and NextAuth for Microsoft is invalid

Answered
Cinnamon posted this in #help-forum
Open in Discord
Avatar
CinnamonOP
Hi, i'm making a web app and I need my users to login with Microsoft to access their Minecraft account info. I set up prisma and a NextAuth login page, which works but: When trying to access xbox endpoints with the provided access token, the API just responds with an error 400 Bad Request, which is odd.

I've tried everything, and I'm beginning to think that it's a NextAuth problem (or simply a misconfigured Azure AD app)

Could someone help me? I've been stuck on this for the past month
Answered by Cinnamon
The solution was to use "consumers" as tenant id
View full answer

13 Replies

Avatar
Golden-winged Warbler
There is very little here to go on to help you. Try providing more details & code
Avatar
CinnamonOP
here's my auth.ts file
Image
This is the response i get 
Response {
  size: 0,
  [Symbol(Body internals)]: {
    body: PassThrough {
      _readableState: [ReadableState],
      _events: [Object: null prototype],
      _eventsCount: 3,
      _maxListeners: undefined,
      _writableState: [WritableState],
      allowHalfOpen: true,
      [Symbol(kCapture)]: false,
      [Symbol(kCallback)]: null
    },
    stream: PassThrough {
      _readableState: [ReadableState],
      _events: [Object: null prototype],
      _eventsCount: 3,
      _maxListeners: undefined,
      _writableState: [WritableState],
      allowHalfOpen: true,
      [Symbol(kCapture)]: false,
      [Symbol(kCallback)]: null
    },
    boundary: null,
    disturbed: false,
    error: null
  },
  [Symbol(Response internals)]: {
    type: 'default',
    url: 'https://user.auth.xboxlive.com/user/authenticate',
    status: 400,
    statusText: 'Bad Request',
    headers: {
      'cache-control': 'no-cache, no-store',
      connection: 'close',
      'content-length': '0',
      date: 'Tue, 08 Aug 2023 10:27:03 GMT',
      'ms-cv': 'QL/nVywS2kK6Ztr5WX/Abw.0',
      'x-content-type-options': 'nosniff',
      'x-xblcorrelationid': '00000000-0000-0000-0000-000000000000'
    },
    counter: 0,
    highWaterMark: 16384
  }
}
when using the token in other endpoints
Avatar
CinnamonOP
The solution was to use "consumers" as tenant id
Answer
Avatar
Golden-winged Warbler
nice, so you figured it out then? I think I hit a similar error with another auth service, where one of the values had to be set to a specific value, only mentioned in passing in the docs. Auth can be such a pain, currently looking at Keycloak

What are you doing with Minecraft? (out of curiosity)
Avatar
CinnamonOP
I'm making an online bank with an in game mod called computer craft
for a server
Avatar
Golden-winged Warbler
I've been wanting to use Next to make a website around a mod (Vault Hunters https://vaulthunters.gg/) It's arguably more about using CUE to wrangle the JSON
Avatar
CinnamonOP
Oh nice also the mod looks cool
Avatar
Golden-winged Warbler
it's addictive!
If you tune into Iskall's stream, you get to experience and participate in the game development process. Viewers and players have influenced the game, it's fascinating
The skill system is classless, so you can become any class by choosing any mix of skills, paired with gear crafting. Heavily influenced by Diablo